I was connected to the switch via winbox using the mac-address. I added ethers 1-48 to the appropriate vlans. I setup one of the sfp ports as a trunk port. I had not yet configured an IP address for the device when I reached the point in the guide where it said to turn on vlan filtering. As soon as I turned on vlan filtering, I could not longer connect to the CRS324 through the mac address.
I see the switch has both a management port and a console port. Based on my research, it looks like I could get into the switch with the console port if I can track down a cisco console cable. Is there a way to get back into the switch using the management port, or via some other method besides the console port?
@Cablenut9, feranmi, and rextended, I tried accessing the switch from the management port directly and from various ports covering all the vlans, including the sfp trunk port, and was not able to get a response from the switch.
@anav Thank you for the link. I’m going to try the steps in the video the next time I setup a Mikrotik switch.
I feel like i have inadvertently stumbled upon a way to make your switch completely secure, as long as you never need remote access to change anything.
I’m going to try the console port next, I think I can find a cisco serial rj45 console cable around the office.
Try on MGMT port winbox over MAC address, put directly the 1ST or the last MAC on the label under the router.
Can eighboor discovery turned off but MAC server still active…
This ticket is way old, but we finally resolved the issue today. No matter what MAC address we tried, we could not get in via winbox. We were able to get access using a cisco console cable. We discovered that our configuration had ether49, which is the management port, listed in the bridge. Once we removed ether49 from the bridge, we were able use winbox while plugged into the management port.