I'm quite new to Mikrotik world and configuration of my CRS-125-24G router is killing me. I tried several approaches before I gave up.
Details of my network/requirements.
Beside the router, I have 3 Access points (UniFi AP-AC-LR), I would like to achieve the following:
- LAN divided logically into 3 segments:
- MGMT (with 3 active ethernet ports)
- GUEST (LAN segment available only for guests, connected via AP)
- EQUIPMENT (LAN segment reserved for all of my devices, that are going to be connected directly to the router).
I configured all APs in a way that they offer 3 wireless networks:
All 3 networks suppose to work within corresponding VLANs. So whenever someone connects to GUEST network, this person will get IP address from dedicated pool (10.59.0.X).
Configuration of AP is valid (networks are tagged with proper VLAN IDs).
What I did so far:
- configured WAN connection with NAT (masquerade enabled) so there is Internet connection
- one eth port configured with static IP address assigned to it and DHCP server configured, so whenever I plug a cable to the router, I get the IP address and can configure the router locally). I can access Internet from my PC. Used IP network: 10.20.128.0/24
- I created 3 VLANs (MGMT -> id=79, 10.79.0.0/24; EQUIP -> ID: 69, 10.69.0.0/24; GUEST -> ID: 59, 10.59.0.0/24).
Now here are my problems:
- only 3 eth ports must be in MGMT vlan. Should I then create a bridge, and add those eth ports to the bridge, as well as created VLAN?
- 17 of eth ports must be in EQUIP vlan. Should I repeat the same excercise (as above)?
- to which port should I assign Guest VLAN?
- Which interfaces I need to run DHCP servers - bridge or vlan? (assuming that each VLAN must be supplied with IPs from different networks).
- should I create a trunk on ports which APs are connected to? How can I assign the same VLANs (EQUIP, MGMT, GUEST) to multiple interfaces?
I would appreciate to have your support in getting my LAN up and running.