I have a basic configuration trying to follow the documentation. Is there a way to get ‘dedicated’ 4 ports of management ‘network’ configured?
Should I use ‘vlan 0 untagged’ or vlan 99 example? If I use the ‘vlan99’ example, can I have a management port on a dedicated vlan without having to tag every port? Basically I just want a ‘management’ vlan for all of my devices, INCLUDING the router. So I could say plug in 5 devices and ‘get onto’ the management network.
The dedicated vlan 99 configuration looks like this is impossible. Any ideas?
I guess my main question is if I have four vlans (management(101), inside(102), outside(103), VM(104). Master port is the SFP, with the ethernet1). I would like to have ports 1-8 in the management ‘zone’ with the ‘master’ port being sfp1.
If you mean sfp port as a VLAN trunk port for vlan101;102;103;104, ether1-ether8 as VLAN access ports for vlan101 and also need IP from the same vlan101 on the CRS swtich, then this configuration should do it.
#create a group of ports for switching
/interface ethernet
set ether1 master-port=sfp1
set ether2 master-port=sfp1
set ether3 master-port=sfp1
#similar for other ports...
#add ingress vlan translation rule for access ports
/interface ethernet switch ingress-vlan-translation
add ports=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8 \
customer-vid=0 new-customer-vid=101 sa-learning=yes
#add tagged vlan ports to define vlan trunks. "switch1-cpu" has to be added for access to CRS IP address.
/interface ethernet switch egress-vlan-tag
add tagged-ports=sfp1,switch1-cpu vlan-id=101
add tagged-ports=sfp1 vlan-id=102
add tagged-ports=sfp1 vlan-id=103
add tagged-ports=sfp1 vlan-id=104
#add vlan interface to be able to configure IP for vlan101 on CRS
/interface vlan
add name=vlan101 vlan-id=101 interface=sfp1
/ip address
add address=192.168.88.1/24 interface=vlan101 network=192.168.88.0