VLAN and non VLAN networks on same interface

Hi, i am a beginner with mikrotik. So please bare with me.

I am in the process of configuring my mikrotik device ( CCR1009-7G-1C ). It is supposed to replace my pfsense at some point when i migrated all the config settings. At the moment it doesnt do any routing.
While configuring it i noticed a behavior that i cannot pinpoint on a configuration fault. Maybe somebody can help.

The router is currently connected on a trunk port on my switch and i can connect via winbox to all router IPs, but i cannot transfer any files to the IP 1.3.3.17. The transfer just stalls and never continues. Transferring over the VLAN IPs works.

When i disable all VLANs on my switch port i cannot connect to the router at all. Shouldnt i be able to connect at least to 1.3.3.17 ?

Here is my router configuration.

/interface vlan
add interface=ether7 name=vlan7_telekom vlan-id=7
add interface=ether1 name=vlan10 vlan-id=10
add interface=ether1 name=vlan20_vpn vlan-id=20
add interface=ether1 name=vlan40_automation vlan-id=40
add interface=ether1 name=vlan70_guests vlan-id=70
/ip pool
add name=dhcp_pool0 ranges=1.3.3.100-1.3.3.199
add name=dhcp_pool1 ranges=1.3.10.100-1.3.10.199
add name=dhcp_pool2 ranges=1.3.20.100-1.3.20.199
add name=dhcp_pool3 ranges=1.3.40.100-1.3.40.199
add name=dhcp_pool4 ranges=1.3.70.100-1.3.70.199
/queue simple
add max-limit=8M/0 name=wan1 packet-marks=no-mark queue=default/default
target=ether7
add name=wan-hi packet-marks=ssh_pkt priority=2/2 queue=default/default
target=ether7
/ip address
add address=1.3.3.17/24 comment=“Infrastructure Network” interface=ether1
network=1.3.3.0
add address=1.3.10.17/24 comment=“Management VLAN” interface=vlan10 network=
1.3.10.0
add address=1.3.20.17/24 interface=vlan20_vpn network=1.3.20.0
add address=1.3.40.17/24 comment=“Guest VLAN” interface=vlan40_automation
network=1.3.40.0
add address=1.3.70.17/24 comment=“Home Automation VLAN” interface=
vlan70_guests network=1.3.70.0
/ip dhcp-server network
add address=1.3.3.0/24 dns-server=1.3.3.24 gateway=1.3.3.7
add address=1.3.10.0/24 dns-server=1.3.3.24 gateway=1.3.10.7
add address=1.3.20.0/24 dns-server=1.3.3.24 gateway=1.3.20.7
add address=1.3.40.0/24 dns-server=1.3.3.24 gateway=1.3.40.7
add address=1.3.70.0/24 dns-server=1.3.3.24 gateway=1.3.70.7
/ip dns
set servers=1.3.3.24
/ip firewall filter
add action=accept chain=input connection-state=established,related
add action=accept chain=input in-interface=ether1
add action=accept chain=input in-interface=vlan10
add action=log chain=input disabled=yes
add action=drop chain=input disabled=yes
/ip firewall mangle
add action=mark-connection chain=prerouting dst-port=22 new-connection-mark=
ssh_con passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=ssh_con
new-packet-mark=ssh_pkt passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=vlan7_telekom
/ip route
add distance=1 gateway=1.3.3.7
/system clock
set time-zone-name=Europe/Berlin
/system ntp client
set enabled=yes primary-ntp=193.190.198.14

I recently setup my CCR1009 to replace my RB450Gx4.
I use many vlans but they are all on a bridge.
I use bridge ports and bridge vlans and then set bridge vlan filtering to enabled.
Not quite sure what you are doing though,

Typically if an etherport is carrying a vlan (one or many) to another smart device its a trunk port, if carrying a vlan (single only) to a non-smart device its an access port.
There is a hybrid possibity like to a VOIP phone/device that can use the Vlan Tagged info but pass the untagged data onto a connected PC.

I really love this tutorial:
http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1

Great, i will have a look, thanks

I figured it out. Its not the mikrotik its my pfsense that terminates the connection.