I need skilled eyes on my config

This is my first attempt to implement something using RouterOS. I am not terribly familiar with the RouterBoard OS, and I am finding the manual to be difficult to ingest. I was hoping someone would be able to help me with the configuration. I have an RB2011iL-IN, an external switch, and an EnGenius EAP350. Here is what I am trying to do:

ETH1 is to be the WAN port and it will be connected to the ISP.
ETH2 is the port the EnGenius EAP350 Access Point will be plugged into.
ETH3 is the port the LAN switch will be plugged into.
ETH10 might optionally be an emergency administrative port I can plug a laptop directly into.

The EnGenius EAP350 will have two VLANs that create the internal and guest networks. VLAN1 is the internal and VLAN2 is the guest. Each will be attached to a separate SSID. It would be nice to have a hotspot (captive portal) on VLAN2 for the guest network. So this means VLAN1 will need to be available on both ports ETH1 and ETH2, but VLAN2 only really needs to be on ETH1.

Mapping all this to interfaces, firewall rules, VLAN, bridge or switch, etc. is kicking my butt. I have gotten quite a ways, but it does not work.

I put my current configuration on pastebin (http://pastebin.com/E1t6hJut) for you to see. If I am close and some corrections can get me working, great. Otherwise, the above is what I am trying to get, and if you have a better idea how to do it or a boilerplate configuration you are used to that will do this, that is fine too. Thank you for any assistance you can provide.

Future considerations – For right now the WAN is a DHCP client, but it will end up being a static IP. I don’t think this will be an issue. Once I have it working I will also need to add an IPSec tunnel to another router. This is currently set up on the old router, which is a Netgear ProSafe. However, the ProSafe will not communicate with the ISP’s Juniper router, and this is why I will be swapping it out.

Thank you in advance for any help you can provide.

117 views, no replies??

Bump

This thread has a similar question to yours. You have to define VLANs as sub-interfaces of their master interfaces. Then you use bridges including the VLAN interfaces into the appropriate grouping.

http://forum.mikrotik.com/t/mikrotik-rb2011-unifi-2-ssid-and-local-network/83014/1
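
The approach described in the reply above (VLAN sub-interfaces on a master interface, then one bridge per network), sketched for the port plan in the first post. This is an added example, not part of any post in the thread and not the poster's pastebin configuration. The bridge and VLAN interface names and the 192.168.10.0/24 and 192.168.20.0/24 subnets are assumptions, as is the AP tagging both SSIDs on its uplink and ether2/ether3 being standalone ports rather than slaved to a switch group.

```routeros
# Added example. Names and subnets are assumed, not taken from the thread.
# ether1 = WAN, ether2 = EAP350 access point, ether3 = LAN switch.

# VLAN sub-interfaces on the AP port; ether2 is the master interface.
/interface vlan
add name=vlan1-internal vlan-id=1 interface=ether2
add name=vlan2-guest vlan-id=2 interface=ether2

# One bridge per network keeps the two broadcast domains separate.
/interface bridge
add name=bridge-internal
add name=bridge-guest

# Internal: wired LAN port plus the internal SSID's VLAN.
# Guest: only the guest SSID's VLAN, never a physical LAN port.
/interface bridge port
add bridge=bridge-internal interface=ether3
add bridge=bridge-internal interface=vlan1-internal
add bridge=bridge-guest interface=vlan2-guest

# Router addresses on the bridges, not on the member interfaces.
/ip address
add address=192.168.10.1/24 interface=bridge-internal
add address=192.168.20.1/24 interface=bridge-guest

# Separate bridges do not isolate guests by themselves: the router
# routes between connected subnets unless the firewall forbids it.
/ip firewall filter
add chain=forward connection-state=established action=accept
add chain=forward connection-state=related action=accept
add chain=forward in-interface=bridge-guest out-interface=bridge-internal \
    action=drop comment="guest cannot reach internal LAN"
add chain=input in-interface=bridge-guest protocol=udp dst-port=53,67 \
    action=accept comment="guest DNS and DHCP to the router"
add chain=input in-interface=bridge-guest action=drop \
    comment="guest cannot reach router management"
```

Each bridge still needs its own DHCP server, and ether1 needs a source NAT (masquerade) rule for either network to reach the ISP.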