I have a Juniper SRX300 with multiple VLANs. It connects via fiber (802.1a trunk) to multiple Dell switches, one of which then connects to a Cisco switch 5550 (also 802.1q trunk). I want to connect a Mikrotik to one of the Cisco ports, connected as a trunk, so I can create multiple SSIDs, with each one in a separate VLAN all the way back to the Juniper.
Is this even possible with Mikrotik?
Why “even”? Mikrotik “does VLANs” so it seems to be possible.
Have you read https://wiki.mikrotik.com/wiki/Manual:Interface/VLAN ?
Reading now - thanks
After you set-up VLANs, you can proceed configuring WiFi AP in the following manner:
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-g/n channel-width=20/40mhz-Ce \
country="your country here" frequency=auto frequency-mode=regulatory-domain mode=\
ap-bridge name="master wifi name here" security-profile="security profile" ssid="default SSID" \
vlan-id="default VLAN ID" vlan-mode=use-tag wireless-protocol=802.11 wps-mode=disabled
add keepalive-frames=disabled mac-address="enter VAP MAC address here" master-interface=\
"master wifi name here" multicast-buffering=disabled name="VAP1 wifi name here" ssid="VAP1 SSID here" \
vlan-id="VLAN of VAP1 here" vlan-mode=use-tag wds-cost-range=0 wds-default-cost=0 \
security-profile="security profile for VAP1"
add keepalive-frames=disabled mac-address="enter VAP MAC address here" master-interface=\
"master wifi name here" multicast-buffering=disabled name="VAP2 wifi name here" ssid="VAP2 SSID here" \
vlan-id="VLAN of VAP2 here" vlan-mode=use-tag wds-cost-range=0 wds-default-cost=0 \
security-profile="security profile for VAP2"
...
.
Then add all WiFi interfaces, created above, to some bridge which also carries traffic of appropriate VLAN. I tend to create single bridge and carry VLAN-tagged and untagged traffic over it. In this case it’s fine just to add VAP devices to the same bridge.
Another possibility is to not use “vlan-mode” in VAP definition, but then you need to create one bridge per VLAN, create VLAN interfaces on physical interface(s) (might be default bridge) and then add appropriate VLAN and VAP devices to each of bridges. It’s kind of messy so I do it as described earlier.
Thanks all for the suggestions. I read the link supplied above and now have it working.
My setup is Juniper SRX300 —802.1q (with irb crap) trunk—>Dell x1018—802.1q trunk—>Cisco 3550—802.1q trunk—>Mikrotik
(I know, I know - this is a mess, but you work with what you have at a client site)
I have the trunking and VLANs working all the way through to the Mikrotik with DHCP on the SRX working and VoIP phones working as well.
I must say that the Mikrotik is a powerful little beast - really packs a punch for a low price point.
Thanks again for your suggestions and help - great community!