Community discussions

 
megatron
just joined
Topic Author
Posts: 19
Joined: Fri Oct 26, 2018 10:59 am

Can't connect to hAP ac lite over wireless using Winbox (via MAC address) when wireless vlan-mode=use-tag

Tue Oct 30, 2018 11:28 am

Is it possible to enable such access? The wireless interface is configured to be a member of a VLAN, so I have no choice but to set vlan-mode=use-tag.

Because it's possible to connect using an ethernet port instead, configured as an access port member of said VLAN (vlan-mode=secure, vlan-header=always-strip). Why doesn't it work with wireless?

Thanks
 
User avatar
xvo
Long time Member
Long time Member
Posts: 592
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: Can't connect to hAP ac lite over wireless using Winbox (via MAC address) when wireless vlan-mode=use-tag

Tue Oct 30, 2018 1:00 pm

That should work just the same as with ethernet port.

Check what do you have in /tool mac-server mac-winbox export
You probably have not the whole vlan but only some interfaces added to that list.
 
megatron
just joined
Topic Author
Posts: 19
Joined: Fri Oct 26, 2018 10:59 am

Re: Can't connect to hAP ac lite over wireless using Winbox (via MAC address) when wireless vlan-mode=use-tag

Tue Oct 30, 2018 4:54 pm

That should work just the same as with ethernet port.

Check what do you have in /tool mac-server mac-winbox export
You probably have not the whole vlan but only some interfaces added to that list.
OK so I checked and found my configuration to be:
/ip neighbor discovery-settings
set discover-interface-list=all

/tool mac-server mac-winbox
set allowed-interface-list=all
Besides, Winbox (via MAC address) over wireless works when vlan-mode=no-tag, so we know that "all" does include the wireless interface.
 
User avatar
xvo
Long time Member
Long time Member
Posts: 592
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: Can't connect to hAP ac lite over wireless using Winbox (via MAC address) when wireless vlan-mode=use-tag

Tue Oct 30, 2018 5:00 pm

Please, attach the whole config with hide-sensitive option.
 
megatron
just joined
Topic Author
Posts: 19
Joined: Fri Oct 26, 2018 10:59 am

Re: Can't connect to hAP ac lite over wireless using Winbox (via MAC address) when wireless vlan-mode=use-tag

Tue Oct 30, 2018 5:19 pm

Please, attach the whole config with hide-sensitive option.
Here it is, do you see anything wrong with it:
# jan/02/1970 01:40:17 by RouterOS 6.43.4
#
# model = RouterBOARD 952Ui-5ac2nD
/interface bridge
add name=bridge1 protocol-mode=none
/interface vlan
add interface=bridge1 name=vlan-iot vlan-id=87
add interface=bridge1 name=vlan-personal vlan-id=88
/interface ethernet switch port
set 0 vlan-header=add-if-missing vlan-mode=secure
set 1 default-vlan-id=88 vlan-header=always-strip vlan-mode=secure
set 2 default-vlan-id=88 vlan-header=always-strip vlan-mode=secure
set 3 default-vlan-id=87 vlan-header=always-strip vlan-mode=secure
set 4 default-vlan-id=87 vlan-header=always-strip vlan-mode=secure
set 5 vlan-mode=secure
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    wpsk2-aes supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    disabled=no frequency=auto mode=ap-bridge name=wlan-iot security-profile=\
    wpsk2-aes ssid=Mikrotik-iot vlan-id=87 vlan-mode=use-tag \
    wireless-protocol=802.11 wps-mode=disabled
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
    20/40/80mhz-Ceee disabled=no frequency=auto mode=ap-bridge name=\
    wlan-personal security-profile=wpsk2-aes ssid=Mikrotik vlan-id=88 \
    vlan-mode=use-tag wireless-protocol=802.11 wps-mode=disabled
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=wlan-iot
add bridge=bridge1 interface=wlan-personal
/ip neighbor discovery-settings
set discover-interface-list=all
/interface ethernet switch vlan
add ports=ether1,ether2,ether3,switch1-cpu switch=switch1 vlan-id=88
add ports=ether1,ether4,ether5,switch1-cpu switch=switch1 vlan-id=87
/ip address
add address=192.168.88.4/24 interface=vlan-personal network=192.168.88.0
add address=192.168.87.4/24 interface=vlan-iot network=192.168.87.0
/system routerboard settings
set silent-boot=no
 
User avatar
xvo
Long time Member
Long time Member
Posts: 592
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: Can't connect to hAP ac lite over wireless using Winbox (via MAC address) when wireless vlan-mode=use-tag

Tue Oct 30, 2018 6:41 pm

I don't see anything wrong.

And I could not reproduce the issue:
I have an AP running with vlan-mode=use-tag and vlan-inerface attached to the bridge with the only difference being vlan-filtering enabled on the bridge.
I disabled vlan-filtering and it made no difference, I was still able to connect to it by MAC.

Who is online

Users browsing this forum: Google [Bot] and 25 guests