I am a newby to Mikrotik, bridges and VLAN’s and I am stuck on how to configure this on the RB4011iGS+:
1. Management LAN VLAN999 hardware devices i.e. switches, AP’s, server etc.
2. Office LAN VLAN1 desktops, laptops, printers, domain server
3. Telco LAN VLAN20 IP Phones etc.
4. Guest LAN VLAN100 guests WLAN and some outlets for desktops
5. Camera LAN? VLAN998 Not sure if this is usefull or if it should be combined in the management LAN – it concerns 1 NVR with 8 camera’s and 4 separate IP camera’s.
Guest LAN should not be allowed to have access to any of the other VLAN’s. Office LAN is allowed access to all LAN’s but the Management LAN.
The RB4011 has 10 interface ports which I would like to configure as follows (U=untagged, T=Tagged):
E1. WAN Cable WAN /29 (120/12 Mbps)
E2. VLAN999 (U) Server management port HP-ILO
E3. VLAN999 (U) Server Hyper-V port
E4. VLAN999 (U) NAS management port
E5. VLAN20 (U) Virtual Machine : 3CX Server
E6. VLAN1 (U) Virtual Machine : domain server
E7. VLAN1 (U) Virtual Machine : database server
E8. ALL VLAN’S (T) Office smart layer2 switch 1
E9. ALL VLAN’S (T) Office smart layer2 switch 2
E10. VLAN999 (U) Intercom door station
SFP1. WAN2 Fiber WAN single IP (1/1Gbps)
I am aware of the fact that the RB4011 has no VLAN table in the switches so I need a workaround. I am not sure though what in this case would be the best practice on how to set this up with regards to bridges, network speed, CPU load etc.
It is appreciated if someone could explain how this should best be configured and especially also why. I can probably figure out the coding myself but I mostly want to understand why to do it in a certain way.
Thanks for your help!