Community discussions

MUM Europe 2020
 
bmeth11
just joined
Topic Author
Posts: 6
Joined: Sun Oct 19, 2014 7:26 pm

VLAN Help

Thu Mar 31, 2016 10:07 pm

New to VLANs...

Here is my setup:


SonicWall TZ205w
X1=WAN
X0 = (VPN Network) 10.11.10.0/24
WLAN = Bridged to X0
X2 = Local Network 192.168.11.0/24
X3,X4= Portgroup with X2

X0 & X2 ----> MikroTik CRS125-24G
Port 1 Gateway
Port 2 Master (192.168.11.0/24) = X2
Port 3-19 Slave to Master Port 2

Port 20 Master (10.11.10.0/24) = X0
Port 21-24 Slave to Master Port 20

New Addition ( Upstairs Office Area) has a CAT 5E connection between above MikroTik and a new MikroTik (same model as downstairs unit) in the upstairs office. Only have a single CAT 5E from the downstairs office to upstairs due to old home converted to office. Not a good way to run cabling.

So long story short, I am wanting to carry both the X0 and X2 networks to the upstairs office so that I can use both, However, they need to stay separate due to HIPAA Compliance.

Can someone help me out?

Thanks!
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Re: VLAN Help

Thu Mar 31, 2016 10:46 pm

You have to create two vlans, lets say vlan 11 192.168.11.0/24 and vlan 10 for 10.11.10.0/24,
Lets say port 24 will be connected to the other mikrotik
Remove master interface for it, set it to none.
/interface vlan
add interface=ether24 name=vlan11 vlan-id=11
add interface=ether24 name=vlan10 vlan-id=10
This will be your trunk port. Then add two bridges let`s say bridge-vlan10 and bridge-vlan11. On bridge-vlan10 add to ports section vlan 10 and ether20. Same with bridge-vlan11 add in ports section vlan 11 and ether2.
At this point your port 2 and 20 will be access ports to coresponding vlan, also slave ports wil be access ports like it master`s. Change port2 and 20 from dhcp server ip address to coresponding vlan so your ip and dhcp server will be assigned to vlans and not to ethers.
On the second mikrotik you have to create one trunk port to connect with both vlans and then access ports as you wish.
/interface vlan
add interface=ether1 name=vlan11 vlan-id=11
add interface=ether1 name=vlan10 vlan-id=10
then create bridges, like in first mikrotik and put in then vlans and whatever ports needed for each vlan. Use like in the first, master port in bridge and slaves as you wish
To keep them separated, use out-interface ether1 in your forward accept rules.
 
bmeth11
just joined
Topic Author
Posts: 6
Joined: Sun Oct 19, 2014 7:26 pm

Re: VLAN Help

Thu Mar 31, 2016 10:56 pm

@kiaunel Thanks! I will try this and report back my findings. I appreciate the help.

bmeth11
 
bmeth11
just joined
Topic Author
Posts: 6
Joined: Sun Oct 19, 2014 7:26 pm

Re: VLAN Help

Fri Apr 01, 2016 3:31 am

You have to create two vlans, lets say vlan 11 192.168.11.0/24 and vlan 10 for 10.11.10.0/24,
Lets say port 24 will be connected to the other mikrotik
Remove master interface for it, set it to none.
/interface vlan
add interface=ether24 name=vlan11 vlan-id=11
add interface=ether24 name=vlan10 vlan-id=10
This will be your trunk port. Then add two bridges let`s say bridge-vlan10 and bridge-vlan11. On bridge-vlan10 add to ports section vlan 10 and ether20. Same with bridge-vlan11 add in ports section vlan 11 and ether2.
At this point your port 2 and 20 will be access ports to coresponding vlan, also slave ports wil be access ports like it master`s. Change port2 and 20 from dhcp server ip address to coresponding vlan so your ip and dhcp server will be assigned to vlans and not to ethers.
On the second mikrotik you have to create one trunk port to connect with both vlans and then access ports as you wish.
/interface vlan
add interface=ether1 name=vlan11 vlan-id=11
add interface=ether1 name=vlan10 vlan-id=10
then create bridges, like in first mikrotik and put in then vlans and whatever ports needed for each vlan. Use like in the first, master port in bridge and slaves as you wish
To keep them separated, use out-interface ether1 in your forward accept rules.

What does path cost and root path cost mean? Or should I even worry about those in the bridge section?
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Re: VLAN Help

Fri Apr 01, 2016 6:30 am

What does path cost and root path cost mean? Or should I even worry about those in the bridge section?
It is used to set best path on redundand links. Leave it as it is.
 
bmeth11
just joined
Topic Author
Posts: 6
Joined: Sun Oct 19, 2014 7:26 pm

Re: VLAN Help

Fri Apr 01, 2016 11:15 pm

Thanks again! Working perfect.
 
kiaunel
Member Candidate
Member Candidate
Posts: 211
Joined: Mon Jul 21, 2014 7:59 pm
Location: Romania

Fri Apr 01, 2016 11:36 pm

Glad You made it.

Sent from my Lenovo K50a40 using Tapatalk

Who is online

Users browsing this forum: No registered users and 26 guests