Help with new Vlan Setup

lemonmagic · March 11, 2019, 8:21am

Just found out that Mikrotik changed the Vlan Setup Routeros.
After trying for a couple of Days, could someone show me an Example how to realize this with the new Setup:

Ether1: Tagged Vlan 1, 5, 6, 7, 10
Ether2: Untagged Vlan 5
Ether3: Untagged Vlan 1, Tagged Vlan 5, 6, 7, 10
Ether4: Tagged Vlan only 7, 10
Wireless1: ap bride, Vlan 5
Wireless2: virtual ap, vlan 6
General Config: Dynamic Dhcp Client, Vlan 5

Currently I can not figure out how this is possible

anav · March 11, 2019, 10:38am

http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1
is the best reference followed by the wiki.
Overall not using vlan1 is recommended.

Once you have it configured post here for review
/export hide-sensitive file=yourconfig

anav · March 11, 2019, 12:07pm

Assuming Trunk ports are ether1, ether3, ether4
Assuming Access ports are ether2, WLAN1, VWLAN

Recommend use vlan11 (vice vlan1)
Ether1: Tagged Vlan 11, 5, 6, 7, 10
Ether2: Untagged Vlan 5
Ether3: Tagged Vlan 11,5, 6, 7, 10
Ether4: Tagged Vlan only 7, 10
Wireless1: ap bride, Vlan 5
Wireless2: virtual ap, vlan 6

Which model of router? and post entire config
/export hide-sensitive file=yourconfig

lemonmagic · March 11, 2019, 2:49pm

Having trunk ports and access ports is fine, but I am struggling with having different Trunk Ports.

ether1 having all vlans (11, 5 , 6 , 7, 10), ether3 should be a trunk port with an untagged vlan 11 (tagged: 5, 6 , 7, 10), and ether 4 should only send 2 tagged vlans (7, 10).

Is that possible?

anav · March 11, 2019, 3:26pm

What do you mean eth3 needs an untagged port???
Is ether 3 connected to a managed switch??

Draw a diagram of what ports are connected to…

lemonmagic · March 11, 2019, 4:44pm

eth1: is the uplink trunk port to the router with all Vlans available
eth3: is a link to a ubiquiti ap, with 4 different SSID’s, managemnt vlan is 11 and therefore needs to be untagged for ubiquiti. (Called General Port in other switches, not trunk)
eth4: is a link to an Voip System, and for security reasons should only contain vlan 7 & 10

anav · March 11, 2019, 5:14pm

You cant untag 11 to the AP.
It needs to be tagged.
How you deal with it will be at the AP software or config.
The AP will decide which WLANs to untag…

AlainCasault · March 11, 2019, 5:30pm

Hello,

I know what you mean as I have a Unifi also.

I basically took the IP address of my Telco devices’ subnet and its associated DHCP server and moved them to the trunk bridge.

The Unifi is connected to a trunk port, but because the IP was set to the trunk bridge, that subnet became untagged.

Of course, all MT routers have to be setup the same way for THAT subnet.

Also, I ONLY use the DHCP server to allocate addresses to Unifi APs. All MT interfaces have hard coded addresses.

Cheers,

Sent from my cell phone. Sorry for the errors.

AlainCasault · March 11, 2019, 5:59pm

Also, try this.

I think this is what you’re going for.

https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features

Cheers,