My setup is following:
- - 24 port switch Mikrotik CRS226-24G-2S running RouterOS 6.9
- - port 3 - WiFi AP connected (hybrid, trunk + untagged)
- - Untagged packets go on one SSID1 - working FINE
- - Vlan 50 goes on SSID2 - working FINE
- - Vlan 90 goes on SSID3 - working FINE
- - port 5 - trunk to router (pfSense based)
- - carries VLAN 50 and 90 and 610
- - port 7 - access port for 4g modem, should go to router via VLAN 610
- - Ingress configured to tag everything to VLAN 610
- - rest of the devices are all untagged and working fine
Egress config:
Code: Select all
[admin@MikroTik] > /interface ethernet switch egress-vlan-tag print
Flags: X - disabled, I - invalid
# VLAN-ID TAGGED-PORTS
0 10 ether3-slave-local
1 90 ether5-slave-local
ether3-slave-local
2 50 ether3-slave-local
ether5-slave-local
3 610 ether5-slave-local
Code: Select all
[admin@MikroTik] > /interface ethernet switch ingress-vlan-translation print
Flags: X - disabled, I - invalid
0 port=ether7-slave-local service-vlan-lookup-for=untagged-or-tagged customer-vlan-lookup-for=untagged-or-tagged customer-vid=0 new-customer-vid=610 pcp-propagation=no sa-learning=no swap-vids=no
EDIT: My main network is 192.168.2.x. The 4g modem has 192.168.60.x. When a device gets a lease by accident with the .60. network, it cannot actually access the 4g router. Neither can I ping the 192.168.60.1 with a machine with manually set address .60. address. Why would the DHCP packets get through while others clearly do not?