I am needing to tag all local traffic with a vlan as it leaves the router through the wan port. I am using winbox to configure the router since I have not had a chance to leave the command-line yet. I created the vlan under Interfaces–>vlan and then assigned the IP to it under IP–> addresses but I cannot get it to work.
Any suggestions?
Thanks,
Charley
why do you need to tag it? does the device you are connected to understand your VLAN tagging?..
Here is the setup.
Mikrotik Router–>Ubiquiti NanoStation2–> <–Ubiquiti Rocket M5<–Cisco Router
I am trying to seperate customer traffic by using separate vlans. I want to use the default vlan for wireless gear management. To do that I need to be able to tag customer traffic to a specific vlan and the Ubiquiti gear does not support tagging of the ethernet traffic. If will pass vlans but not force traffic to a specific vlan. I want to use the Mikrotik router as customer cpe and tag the packets as they leave the router.
Thanks,
Charley
how do you test it?..
The device you’re connecting to also needs to send back the appropriate tagged traffic. MikroTik doesn’t have a concept of PVID, so it will not automatically tag anything for you. When you add in a VLAN the MikroTik see is as just another physical interface that it can use.
The Ubiquita gear will pass vlans and the Cisco on the other end will be sending back the vlan. I just need, somehow, to tag customer traffic to a specific vlan. I thought this could be done with the mikrotik.
I hope I am being clear on what I am trying to do. If not, please let me know and I will try to explain better.
Thanks,
Charley
If you put the VLAN on the WAN interface, assigned the IP address to that VLAN and not the physical interface it is on, and have the correct NAT rule and default route to the internet, anything leaving the MikroTik over that VLAN interface will leave with the VLAN tag. It will also only read packets coming into that interface with the same VLAN tag, everything else will be dropped.
Run torch on your WAN port and be sure to have the VLAN option checked to see what is coming in and going out.