esquirrel
Frequent Visitor
Topic Author
Posts: 51
Joined: Wed Feb 21, 2018 3:04 pm

Best way to set up WLAN w/3 Virtual APs on different subnets each with net access but not communicating +/ DNS+NTP?

Tue Mar 06, 2018 3:55 pm

I recently bought a Hap Lite and I like it a lot. The performance is quite decent for the price. However, I can't seem to get the configuration right to add three virtual APs that can all use the same internal DNS+NTP server(s) but cannot flood one another with broadcast traffic (MDNS, SSDP, IPv6 junk, etc.). None of them use any of that stuff, but it seems that it cannot be turned off on them (these are mostly Apple and branded Android devices).

Those mobile devices need to be sandboxed in their own subnets, IMHO, as they come with entire software ecosystems that I don't trust.

I may need to add more virtual APs, for more untrusted mobile devices. What is the best network topology to do this? I am surprised that no one document lays this out simply.

I have no problem with starting fresh, if there is a way to dump out my existing configuration to a script which can be exported/imported... basically save the existing setup out, so I can try some alternative setups out. I have the RB741-2nd TC.
 
skuykend
Member Candidate
Posts: 270
Joined: Tue Oct 06, 2015 7:28 am

Re: Best way to set up WLAN w/3 Virtual APs on different subnets each with net access but not communicating +/ DNS+NTP?  [SOLVED]

Thu Mar 08, 2018 4:59 am

You can either set up separate bridges for each subnet, or use VLANs on the main bridge, each with its own internal subnet/router IP and DHCP server config.
Which will be best for your situation will depend on whether you still want switch functionality, trunk ports, etc.
You may also need ip firewall rules (drop action) to stop the routing between the subnets depending on your existing firewall rules.

Edit:
Open the Terminal and do an
/export file=myfile
or flash/myfile if you want it persistent across reboots.
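
The separate-bridge layout described in the reply above, sketched as a RouterOS v6 script; this is an added example, not part of the original posts. Assumed and hypothetical values: `wlan1` is the physical radio, `ether1` is the WAN port, `192.168.88.5` is the internal DNS+NTP server, the isolated subnets are 192.168.11-13.0/24, the passphrases are placeholders, and an existing masquerade rule on the WAN side covers the new subnets.

```routeros
# Added example. Assumed: wlan1 = physical radio, ether1 = WAN,
# 192.168.88.5 = internal DNS+NTP server, 192.168.11-13.0/24 = isolated subnets.
/interface list add name=ISOLATED

:foreach i in={1;2;3} do={
    :local br  ("br-iso" . $i)
    :local ap  ("wlan-iso" . $i)
    :local net ("192.168." . (10 + $i))

    # One bridge per virtual AP: broadcast/multicast (mDNS, SSDP) stays inside it.
    /interface bridge add name=$br
    /interface wireless security-profiles add name=("sec-iso" . $i) \
        mode=dynamic-keys authentication-types=wpa2-psk \
        wpa2-pre-shared-key=("CHANGE-ME-" . $i)
    # default-forwarding=no also stops clients on the same AP talking to each other.
    /interface wireless add name=$ap master-interface=wlan1 ssid=("iso-" . $i) \
        security-profile=("sec-iso" . $i) default-forwarding=no disabled=no
    /interface bridge port add bridge=$br interface=$ap
    /interface list member add list=ISOLATED interface=$br

    # Router IP, DHCP pool and DHCP server for this subnet.
    /ip address add address=($net . ".1/24") interface=$br
    /ip pool add name=("pool-iso" . $i) ranges=($net . ".10-" . $net . ".200")
    /ip dhcp-server add name=("dhcp-iso" . $i) interface=$br \
        address-pool=("pool-iso" . $i) disabled=no
    # Hand out the shared internal DNS and NTP server to the clients.
    /ip dhcp-server network add address=($net . ".0/24") gateway=($net . ".1") \
        dns-server=192.168.88.5 ntp-server=192.168.88.5
}

/ip firewall filter
add chain=forward action=accept connection-state=established,related \
    comment="iso: return traffic"
add chain=forward action=accept in-interface-list=ISOLATED protocol=udp \
    dst-address=192.168.88.5 dst-port=53,123 comment="iso: DNS+NTP"
add chain=forward action=accept in-interface-list=ISOLATED protocol=tcp \
    dst-address=192.168.88.5 dst-port=53 comment="iso: DNS over TCP"
add chain=forward action=accept in-interface-list=ISOLATED out-interface=ether1 \
    comment="iso: internet only"
add chain=forward action=drop in-interface-list=ISOLATED \
    comment="iso: no routing to other subnets"
# Keep the isolated clients off the router itself, apart from DHCP.
add chain=input action=accept in-interface-list=ISOLATED protocol=udp dst-port=67 \
    comment="iso: DHCP"
add chain=input action=drop in-interface-list=ISOLATED comment="iso: no router access"
```

New filter rules are appended to the end of each chain, so check with `/ip firewall filter print` that no broader accept rule already in the chain sits above them.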
 
esquirrel
Frequent Visitor
Topic Author
Posts: 51
Joined: Wed Feb 21, 2018 3:04 pm

Re: Best way to set up WLAN w/3 Virtual APs on different subnets each with net access but not communicating +/ DNS+NTP?

Thu Mar 08, 2018 7:51 am

I think this is a good start. I'm going to try to write up a script, and I'll bring it back here to get criticism. My better half doesn't want me taking the network down for lengthy experiments so I very much appreciate the knowledge here. I've had to redo the entire config now it seems like maybe four or five times and it seems I've made the same mistakes several times. It is likely obvious to people here, whatever I am messing up.
