Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

[hAP ac2] [v6.48.1] wireless ignores vlan-mode  [SOLVED]

Post Reply
 
kblazewicz
just joined
Topic Author
Posts: 3
Joined: Sun Mar 22, 2020 3:39 pm

[hAP ac2] [v6.48.1] wireless ignores vlan-mode

Fri Feb 12, 2021 10:53 am

I had a working setup with two VLAN's (id 0/1 and 20) with default wireless networks (wlan1 and wlan2) running on default id and dedicated virtual WLAN (wlan2_20) configured to work with VLAN id 20. VLAN 20 is also exposed on switch port 4.

VLAN 20 is connected to my corporate network via OpenVPN tunnel and today I've noticed I couldn't connect to remote servers in corporate network.

This is part of my config relevant to the issue:
Code: Select all
/interface bridge
add admin-mac=**:**:**:**:**:** auto-mac=no comment=defconf fast-forward=no name=bridge

/interface bridge port
add bridge=bridge interface=ether2
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
add bridge=bridge interface=wlan1
add bridge=bridge interface=wlan2
add bridge=bridge interface=wlan2_20

/interface vlan
add interface=bridge name=vlan20 vlan-id=20

/ip address
add address=192.168.10.1/24 interface=bridge network=192.168.10.0
add address=192.168.20.1/24 interface=vlan20 network=192.168.20.0

/ip pool
add name=dhcp_pool10 ranges=192.168.10.100-192.168.10.254
add name=dhcp_pool20 ranges=192.168.20.100-192.168.20.254

/ip dhcp-server network
add address=192.168.10.0/24 gateway=192.168.10.1
add address=192.168.20.0/24 gateway=192.168.20.1

/ip dhcp-server
add address-pool=dhcp_pool10 disabled=no interface=bridge name=dhcp10
add address-pool=dhcp_pool20 disabled=no interface=vlan20 name=dhcp20

/interface ethernet switch port
set 1 vlan-mode=secure
set 2 vlan-mode=secure
set 3 default-vlan-id=20 vlan-mode=secure
set 4 vlan-mode=secure
set 5 vlan-mode=secure

/interface ethernet switch vlan
add independent-learning=yes ports=switch1-cpu,ether2,ether3,ether5 switch=switch1 vlan-id=1
add independent-learning=yes ports=switch1-cpu,ether4 switch=switch1 vlan-id=20

/interface wireless
set [ find default-name=wlan2 ] wireless-protocol=802.11 (...)
add disabled=no master-interface=wlan2 name=wlan2_20 vlan-id=20 vlan-mode=use-tag (...)
If I connect my laptop to ethernet port 4 I get IP from 192.168.20.0/24 pool, but when I connect to wlan2_20 I get IP from 192.168.10.0/24 just as if wlan2_20 ignored vlan-mode=use-tag setting and worked on default VLAN.

Up until recently everything worked fine, I'm not sure when the issue began it might be something with v6.48.1 firmware because I think it worked before the upgrade.

Could you tell if my config above is good?
Top
 
kblazewicz
just joined
Topic Author
Posts: 3
Joined: Sun Mar 22, 2020 3:39 pm

Re: [hAP ac2] [v6.48.1] wireless ignores vlan-mode  [SOLVED]

Fri Feb 12, 2021 3:33 pm

I think I found the cause of my issue and it was me all the time.

I forgot that recently I've added all my known wireless clients to Wireless/Access List, including my laptop:
Code: Select all
/interface wireless access-list
add comment="Macbook Pro 13" mac-address=**:**:**:**:**:** vlan-mode=no-tag
The vlan-mode=no-tag forced the AP to connect my laptop to default VLAN despite the vlan-mode configured for WLAN. Changing this setting to default fixed my issue.

It got there automatically when I used to "Copy to Access List" option in Wireless/Registration view in WebFig - I don't think it's supposed to do this though.
Top
Post Reply

Who is online

Users browsing this forum: itplus, MonkeyDog, pfremout, satekhi and 61 guests
  4. RouterOS
  5. Beginner Basics