Gateway router is on MoCA backbone which is connected to ISP; I want to connect APs on the same backbone so I need to send tagged VLAN out the same port. But I am having a hard time understanding how to go at this starting from default conf.
Do I have to add the WAN port to the bridge to do the VLAN? This is the part I am confused about because it doesn’t make sense to have WAN bridged to LAN…
I ordered an unmanaged switch to put between the ISP and the backbone so I can filter my VLANs and tag the WAN if needed, but until then WAN will be untagged…
I would probably have both VLAN’s tagged on eth1 (and do filtering on the bridge). Either way, you would have to use a managed switch to be able to do VLAN filtering.
the simpler way, just add vlan interface under wan port and add that to the bridge. With vlan 1 I was able to plug in my laptop to the backbone and I got connected to my LAN!! Yay!! But I think I should not use 1, so I set it to 142, then on my laptop after updating ethernet driver I can set VLAN ID to 142 and it works again!
But the other way is to bridge the WAN port and then assign WAN and LAN to VLAN interfaces under the bridge and enable vlan filtering… so I guess even though everthing’s bridged they are isolated within the bridge by VLANs.
But I really like the simpler way!
BTW, question, on bridge port I can set for vlan interface “admit only VLAN tagged”, but does this actually do anything or is this already implicitly done by the vlan interface?
So you have a router which is getting WAN from cable and out that cable needs to go to VLANS for APs somehow connected on the same MOC???
Entirely possible how to do it is a good question.
Lets say we dump the idea of the WAN interface list…
Lets assume its a wifi router wifi1 is home, wifi2 is guest wifi3 is iot
ether1-wan, ether2 -AP local, ether3-homepc, ether4 - to unmanaged switch connecting IOT devices, ether5 home printer.
total of three APS, two through backbone, one through MT router port.
/interface bridge vlans
add bridge=bridge tagged=bridge untagged=ether1 vlan-ids=2 { to capture and return all WAN traffic back to the ISP }
add bridge=bridge tagged=bridge,ether1,ether2 vlan-ids=20 { assuming guest vlan is going to the two APs thru the backbone }
add bridge=bridge tagged=bridge,ether1,ether2 untagged=ether4 vlan-ids=30 {assuming iot is going to the two APs thru the backbone }
add bridge=bridge tagged=bridge,ether1,ether2 untagged=ether3,ether5 vlan-ids=10 { assuming home vlan is going to the two APs via backbone }
/interface list members
add interface=vlan2WAN list=WAN
add interface=vlan10-Home list=LAN
add interface=vlan20-Guest list=LAN
add interface=vlan30-IOT list=LAN
I wish you good health. I have the same problem. Thank you very much for the detailed configuration! Could you also add the configuration of the bridge itself? As I understand it, vlan-filtering should be enabled in it. And the second question is: how do I set up a VLAN on the second mikrotik, which is connected via a hybrid wan\lan port to this mikrotik via the physical ether1 port?