Dear Mikrotik Community,
Im feeling like the "Sorcerers Apprentice" right now who can`t handle the Ghosts i called for in RouterOS and hopefully I can get some advice. But first things first:
The starting point Setup:
For nearly 3 years now my setup was running flawlessly. It consists of a CRS328 switch with RouterOS, which seems to be a mighty switching/routing OS but with little ease of use (at least for me as an “apprentice”). I managed to configure (with Winbox) a Bridge on the CRS, added every interface needed, seperated my logical LAN structure with VLANs, including every VLAN with its own DHCP-Server addressing the clients and connected this logical structure to my Cable router (Fritz!Box) with a static route. Beside the wired connections Wifi is implemented through 3 Ubiquiti APs (handled by a Cloud Key Gen 2+). I put the Ubiquiti hardware in the Management VLAN (VLAN ID1 untagged) and the APs are distributing 3 different SSIDs putting the clients into the correct VLAN based of the SSID/PW chosen. Therefore the Ubiquiti access points are “Tagged” devices within the necessary VLANs (IoT, Guests and “private” traffic).
The challenge:
Recently we got fiber to our house and I want to integrate the Ubiquiti Cloud Gateway Fiber (CGF) to replace the Cable Router (and the Ubiquiti Cloud Key Gen 2+). At this point there is a challenge which brings somehow my brain to melt. The CGF has to stay within the Management VLAN (VLAN ID 1 Static IP: x.x.99.9) whereas the CRS switch handles the general VLAN configuration with its own DHCP-servers and the Gateway X.X.99.1. The other VLANs are now unable to route their traffic to the CGF to find their way into the WAN and I don’t know how i have to configure this Inter-VLAN routing smart and straightforward in RouterOS. I tried static routes from each VLAN to point to the CGF IP-address directly, but that didn’t work. The only real change is, that the Router is now within a VLAN and not outside of the configured Bridge anymore.
Maybe there is no “big challenge” to change the configuration to my needs, but for now I wasted several days on possible configuration changes on the CRS with unsatisfying results. I configured a trunk via 10GbE DAC-Cable between the CGF and the CRS so the physical connection between my CRS VLANs and CGF is established. But my VLANs are not routing their traffic to the CGF.
How do I have to align the configuration of the CRS so that all of my VLANs are routing internet traffic to the CGF?