Need help: MikroTik NAT route to L3 switch

Hello all,

I'm a newbie and want to ask what needs to be set up on the MikroTik (as gateway to the internet) so it can communicate and trunk with an L3 switch (which has VLANs and inter-VLAN routing set).

I've set 2 interfaces on the MikroTik:
publik (public IP)
ether1 (private IP)
and configured src-nat masquerade,
but it seems only the default VLAN can connect to the internet.
Does the MikroTik (v5.14) need to, and is it able to, carry VLAN info? Maybe I need to set the port as a trunk or something?
Please advise.
Thanks

I have never configured a MikroTik router to do this, but I do have a similar setup and I think it's not a gear-dependent issue. If I understand you correctly, there are a couple of ways you can do it:

OPTION 1
Route all the VLANs on your layer 3 switch so that all internet traffic goes through a single VLAN, then connect that VLAN (UNTAGGED) to the MikroTik router. Using a configuration like this does NOT require a VLAN TRUNK to the router, as all traffic is ROUTED across another VLAN.

Given your diagram, consider this:
VLAN1 has the subnet 192.168.1.0/24; give the switch an IP address on this VLAN of 192.168.1.2
VLAN2 has the subnet 192.168.2.0/24; give the switch an IP address on this VLAN of 192.168.2.2
Create VLAN3 with 192.168.0.0/24; give the switch an IP address on this VLAN of 192.168.0.2
Give the MikroTik an inside IP of 192.168.0.1, and connect this interface to an UNTAGGED port on VLAN3.

Create static routes on the layer 3 switch:
0.0.0.0/0 > 192.168.0.1 (default route points to the MikroTik inside IP)
192.168.0.0/24 > 192.168.0.2
192.168.1.0/24 > 192.168.1.2
192.168.2.0/24 > 192.168.2.2

You also need a route on your MikroTik to route ALL 192.168.0.0 traffic back to your layer 3 switch:
192.168.0.0/16 > 192.168.0.2 (using a 16-bit mask will allow you to add more VLANs in the 192.168.x.x range later without having to tweak the route)

My example uses static routes to let you see what's going on, but you could also set up RIP.

Keep in mind, with this setup you may need to create some access-lists, or routing rules (whatever your vendor calls it) to keep traffic on VLAN1 from being routed to VLAN2, if you need the VLANs completely separate.


OPTION 2
Do no routing on your layer 3 switch (then you wouldn't be using layer 3 on the switch!)
Trunk all VLANs (add all VLANs as TAGGED) to 1 port on your layer 3 switch and plug that in to your MikroTik. Create all the VLANs on your MikroTik inside interface as TAGGED, add the proper IPs to each VLAN interface (see above). Then let your MikroTik handle all the routing and firewalling between VLANs and internet.

I don't think this is the best option, as typically your internal LAN runs at a higher speed than you can put through your router, and this shifts the burden of all internal routing to your router away from your layer 3 switch… I only mention it because it can be done this way and may be better for a small network because of simplicity.

As I said, I've never done it with MikroTik, but I've done it with several other vendors; it's just routing and VLANning :)

hope that helps!
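
The return-path lookup behind Option 1, as an added example that is not part of the original post: a longest-prefix-match simulation of the MikroTik routing table with and without the 192.168.0.0/16 route back to the switch. The 203.0.113.x addresses, the host addresses ending in .10 and the function names are constructed for illustration; the interface names and the 192.168.x.x addressing follow the thread.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: (prefix, next_hop) of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in table
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), next_hop

# Constructed MikroTik routing table; 203.0.113.0/30 is a placeholder public range.
ROUTER_BEFORE = [
    ("0.0.0.0/0", "203.0.113.1 via publik"),   # default route to the ISP
    ("203.0.113.0/30", "connected publik"),
    ("192.168.0.0/24", "connected ether1"),     # transit VLAN3 to the switch
]
# Same table plus the route from Option 1 pointing the inside range at the switch.
ROUTER_AFTER = ROUTER_BEFORE + [("192.168.0.0/16", "192.168.0.2 via ether1")]

# Constructed hosts: the switch on VLAN3, one PC on VLAN1, one PC on VLAN2.
HOSTS = ["192.168.0.2", "192.168.1.10", "192.168.2.10"]

def unreachable_vlans(table, hosts):
    """Hosts whose reply traffic the router would send out the public interface."""
    return [h for h in hosts if "publik" in lookup(table, h)[1]]

if __name__ == "__main__":
    for name, table in (("before", ROUTER_BEFORE), ("after", ROUTER_AFTER)):
        print(name)
        for host in HOSTS:
            prefix, next_hop = lookup(table, host)
            print(f"  reply to {host:<13} matches {prefix:<15} -> {next_hop}")
        print("  replies leaving via publik:", unreachable_vlans(table, HOSTS))
```

Without the /16 route, replies to the VLAN1 and VLAN2 hosts match only the default route and leave through `publik`; with it they go to the switch, while 192.168.0.x still matches the more specific connected /24.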

mrEllis, thank you for your input.
Actually, inter-VLAN already communicates well, as I already set all IPs for all VLAN interfaces and set a static default route to the MikroTik interface.
The native VLAN is able to use the internet but the other VLANs failed.
Seems like the MT couldn't recognise the other networks on the other VLANs.
Tried to add a route back to the other VLAN (on the MT, added a static route back to the VLAN2 network; tried both the VLAN 1 and VLAN 2 IP interfaces as next hop), but no luck yet.
Please do inform me if you have any suggestions.

Thinking about your 2nd option, to also add the VLANs at the MT and set all PC gateways to the VLAN interface at the MT, but I am still thinking to spread the workload across these 2 devices and gain higher speed on my local network.

Thank you.