Hello,

First, I am totally new to this level of networking but I did study it in depth by reading the manuals and forums for about a month so I have became familiar with the terms and am pretty familiar with my switch. A friend gave me the RB750 and it is set up for port based VLANs.

I have everything working and it's acting as it should. My problem is I want to be able to access devices on other VLANs. I have two networked satellite receivers and other computers and will be installing NAS etc. If I attach a satellite receiver to the same VLAN my computer is plugged into I can play and record from it but I need to do this from any VLAN. I can also access files on the other computers as long as they are on the same VLAN. It doesn't matter which VLAN, they all work but both devices must be on the same VLAN. I can ping any of the VLANs from any VLAN. I can ping any device on any VLAN from any VLAN.

I have an HP 5120 PoE 48 port Layer 3 Switch and have set up three IP sub-net based VLANs. These were set up with the ip-subnet-vlan commands, not just given sub-net addresses.

The VLANs in the switch are as follows.

VLAN 1: 192.168.10.0 - Ports 1-16
VLAN 2: 192.168.20.0 - Ports 17-32
VLAN 3: 192.168.30.0 - Ports 33-48

This is how the switch displays the VLANs:

display ip-subnet-vlan vlan all

VLAN ID: 1
Subnet Index IP Address Subnet Mask

0 192.168.10.0 255.255.255.0
VLAN ID: 2
Subnet Index IP Address Subnet Mask

0 192.168.20.0 255.255.255.0
VLAN ID: 3
Subnet Index IP Address Subnet Mask

0 192.168.30.0 255.255.255.0

I changed the default address of the RB750 and it is set up on VLAN 1 with IP address 192.168.10.1. Port 1 is the gateway with internet attached to it from the DSL router with a gateway of 192.168.1.254.

Port 1 is ether1-gateway and is attached to the DSL router.
Port 2 is ether2-master-local and goes to port 1 of the HP (VLAN 1).
Port 3 is ether3-slave-local and goes to port 17 on the HP (VLAN 2).
Port 4 is ether4-slave-local and goes to port 33 on the HP (VLAN 3).

The HP VLANs are currently set up to get their IP by DHCP from the MT. I believe they need to be set up with static addresses but I don't know how to do this in the MT.

The MT is setup with DHCP servers for each VLAN and they work. When you plug into the HP you are assigned the proper sub-net IP address and all VLANs have internet access. Your default route and gateway will be .1 for any of the sub-nets, like this for VLAN 2: 192.168.20.1

It is my understanding that the HP switch will allow inter-vlan communication but you have to set it up properly and this is the problem.

The HP 5120 configuration manual says this:

Configuring basic settings of a VLAN interface

For hosts of different VLANs to communicate, you must use a router or Layer 3 switch to perform Layer 3
forwarding. You use VLAN interfaces to achieve this.

VLAN interfaces are virtual interfaces used for Layer 3 communication between different VLANs. They do
not exist as physical entities on devices. For each VLAN, you can create one VLAN interface. You can
assign the VLAN interface an IP address and specify it as the gateway of the VLAN to forward traffic
destined for an IP subnet different from that of the VLAN.

According to that if I use the VLAN IP as the gateway then it will route between VLANs. The MT is assigning addresses with DHCP and it assigns the default route and gateway as the IP address of the interface being used. For instance, if you plug into HP port 22 (VLAN 2) your default route/gateway is 192.168.20.1 which is the IP address of ether3-slave-local. If you plug into HP port 37 (VLAN 3) your default route/gateway is 192.168.30.1 which is the IP address of ether4-slave-local.

I can access the configuration page of my Cisco 3502 AP on VLAN 1 from any VLAN. I can access the configuration page of the HP from any sub-net IP (from any VLAN). Everything seems to work great, but I can't stream from the satellite receiver or share files unless both devices are on the same VLAN.

I'd appreciate any help and I believe the problem is I just don't know enough about the RB750. According to the HP manual it appears the computer needs to have the VLAN IP as the gateway to be able to access other VLANs and if the address isn't found there then the request would be sent to the router for routing to the internet. I think I need static addresses for the HP VLANs, probably assigned by MAC address, and then the computer would need the VLAN IP as the gateway. I think the HP can route between VLANs without the help of the router. I did have it all set up in only the HP with the HP providing DHCP servers and I had three stand alone sub-net networks. I shutdown those DHCP servers and had the MT take over and provide DHCP servers and the intetnet gateway. That was the problem with just the HP switch, there was no internet access from the other VLANs, only VLAN 1 had internet access.

I also do not understand VLANs in the MT and how they relate or link to VLANs in the HP. I'm sorry this is so long and I hope I haven't confused you but I know you need the details. I can post the HP configuration if you need it. Thank you.

Here is the MT configuration:

[admin@MikroTik] > export compact

oct/15/2016 12:04:08 by RouterOS 6.37.1

/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether2 ] name=ether2-master-local
set [ find default-name=ether3 ] name=ether3-slave-local
set [ find default-name=ether4 ] name=ether4-slave-local
set [ find default-name=ether5 ] master-port=ether2-master-local name=
ether5-slave-local
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=default-dhcp ranges=192.168.10.10-192.168.10.254
add name=v2 ranges=192.168.20.10-192.168.20.250
add name=v3 ranges=192.168.30.10-192.168.30.250
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=ether2-master-local
lease-time=3d name=default
add address-pool=v2 bootp-support=dynamic disabled=no interface=
ether3-slave-local lease-time=3d name=v2 src-address=192.168.20.1
add address-pool=v3 always-broadcast=yes bootp-support=dynamic disabled=no
interface=ether4-slave-local lease-time=3d name=v3 src-address=192.168.30.1
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/interface ethernet switch vlan
add ports=ether2-master-local switch=switch1 vlan-id=1
add ports=ether3-slave-local switch=switch1 vlan-id=2
add ports=ether4-slave-local switch=switch1 vlan-id=3
/ip address
add address=192.168.10.1/24 comment="VLAN 1-10" interface=ether2-master-local
network=192.168.10.0
add address=192.168.30.1/24 comment="VLAN 3-30" interface=ether4-slave-local
network=192.168.30.0
add address=192.168.20.1/24 comment="VLAN 2-20" interface=ether3-slave-local
network=192.168.20.0
/ip dhcp-client
add comment="default configuration" dhcp-options=hostname,clientid disabled=no
interface=ether1-gateway
/ip dhcp-server network
add address=192.168.10.0/24 comment="default configuration" dns-server=
192.168.10.1 gateway=192.168.10.1
add address=192.168.20.0/24 comment=vlan2-20 dns-server=192.168.20.1 gateway=
192.168.20.1
add address=192.168.30.0/24 comment=vlan3-30 dns-server=192.168.30.1 gateway=
192.168.30.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.10.1 name=router
/ip firewall filter
add action=accept chain=input comment="default configuration" protocol=icmp
add action=accept chain=input comment="default configuration" connection-state=
""
add action=accept chain=input comment="default configuration" connection-state=
""
add action=drop chain=input comment="default configuration" in-interface=
ether1-gateway
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration"
out-interface=ether1-gateway
/ip proxy
set cache-path=web-proxy1 max-cache-size=none parent-proxy=0.0.0.0
/ip service
set api disabled=yes
/ip traffic-flow
set cache-entries=4k
/system clock
set time-zone-autodetect=no time-zone-name=America/Chicago
/system clock manual
set dst-end="nov/06/2016 02:00:00" dst-start="mar/13/2016 02:00:00" time-zone=
-06:00
/system ntp client
set enabled=yes primary-ntp=104.131.53.252
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-local
/tool sniffer
set filter-mac-address=00:56:A3:4B:39:F3/FF:FF:FF:FF:FF:FF

This is solved. The reason I thought I wasn’t able to fully access other VLANs was because I couldn’t stream from my satellite receiver that uses SAT2IP.
I didn’t know I had to install the “Multicast” package to deal with multicast streams. After I installed that I was able to go to Routing>PIM and add the interfaces and everything just works.
The RB750 and this HP switch are awesome together. All of the VLANs are setup in the switch with no VLAN configuration in the MT at all now.
I set up the MT ports 2, 3 and 4 as trunk ports on the HP for each set of VLAN ports, a port based VLAN configuration.

This is exactly what I wanted and I’m very happy with it.

That’s close to the way I do it. In my data cabinet, I have two RB750r2 routers and a HP 2610-48 switch. There are eight VLANs in use in the switch. Six of the VLANs appear in router #1, and five of the VLANs appear in router #2. Since the routers only have five physical ports, I had to combine two LANs on router #1.

Hello k6ccc,

As I said I’m really new to this level of networking and was shocked when I seen what the RB750 can do! I have a large satellite dish and bought a couple of receivers that can do SAT2IP (stream to IP). Right off I knew I needed a switch as wifi through my router wasn’t cutting it. The HD video skipped and ate up the whole network, internet and all, it was just a mess. I wanted a stand alone network that had subnets for the satellite receivers etc.

So I got a deal on the HP switch and I set up true subnet VLANs on it. I didn’t know a thing about it when I got it, I studied it and learned how to set up the VLANs etc. Then I figured out my router couldn’t do what I needed either because the HP has limited layer 3 functionality. I have some consumer type routers laying around here and none of them even came close to what I needed either.

About a month ago a friend bought the RB750 at a garage sale for $2 and just gave it to me. All he wanted was the power supply out of it so he gave me the box with the router in it. I totally forgot I had it. I took it out of the box and immediately recognized the name but I couldn’t remember what I read or where so I Googled it. After that I couldn’t wait to get it plugged in but I didn’t have a power supply. I finally found a PS and when I logged into it I was like wow! Where do I start? What a learning curve and together with the switch it was a lot to learn in a week.

I knew what I wanted and I hope I’ve done it right. I have it set up like this:

MT port 2 > HP port 1 (VLAN 1 is on ports 1-16)
MT port 3 > HP port 17 (VLAN 2 is ports 17-32)
MT port 4 > HP port 33 (VLAN 3 is ports 33-48)

Port 1, 17 and 33 are set up as trunk ports and are members of only the VLAN they are in for now. I think I can create more VLANs easily from this set up if I want or need to.

I am using VLAN 1 for the computers including a Cisco 3502i access point that I converted to autonomous. The AP is powered by PoE on port 16 of VLAN 1. The satellite receivers are the only devices on VLAN 2. The RB750 is providing DHCP servers for all of the subnets with DHCP relay set up on the HP. If I lose internet my networks will still function. This is one thing I wanted, file sharing and streaming even if I lose my internet. Before it all died and now it is stand alone with internet if you want it!

I do have a question if you happen to know. When I was learning about the HP switch I had all of my VLANs set up using the HP’s internal DHCP servers. It was a stand alone IP network all by itself but no internet of course. After taking a look at how the MT worked I decided to change the set up in the HP to use DHCP relay with the DHCP servers in the MT.

I know the router has to know which IP address goes to which device in order to route traffic. If I manually assign my computer an IP address and just butt into the network it won’t work because none of the other devices know where I am. I did try to get the MT to route and provide internet while using the DHCP servers in the HP and it wasn’t working. Is there a way to get the MT to route while using the DHCP servers in the HP? There would have to be a way for the MT to access or learn the IP addresses being assigned by the HP. I’m thinking there is a way but I don’t know how to do it.

I would have liked to have kept the original set up on the HP where it provided the DHCP servers and would run my internal network including the VLANs by itself but I just couldn’t get the MT to route anything like that. I read about routing protocols that have discovery or something like that but I don’t think the HP does it. I Googled everything but couldn’t figure this out. Maybe I wasn’t Googling the correct terms to find what I needed. Do you know if this is possible?

From what I’ve learned I think I should’ve gotten a different switch. This HP is considered a Comware switch from 3COM, and I guess HP’s uses something else.

Oh, I just hate these fans in this HP. I’m looking for something with no fans, maybe a CRS125-24G-1S-RM. I do wish I had studied switches more before buying the HP and I wish I knew about Mikrotiks for sure! I want this switch in the same room with me but there is no way with the hum of those fans.