Hey Guys,
I am pretty-pretty new to this Mikrotik-RouterOS (hell) thing. I followed /viewtopic.php?t=143620 with the Router config (and some of switch), but I have some struggle doing it to my setup. I just bought an RB4011 to replace my EdgeRouter X, and I want to do the following.
(In terminal it seems easier just to copy-paste some config lines - what is the best way to create config? I use VSCode w/ some plugins to highlight the lines and ctrl-c-v to terminal if it seems good.. but not good).
So the basic setup would be like this:
2+1 VLANs:
[*] IOT_VLAN (20)
[*] CAM_VLAN (30)
[*] BASE_VLAN (1 or 99? whatever, I want to have access from this in my whole network, without tagging, just plug in a device and access everything)
RB4011 -> ether2-7-> unmanaged switches -> pc/etc and UAP-AP-LR -> IOT_VLAN/BASE_VLAN.
RB4011 -> ether8-10 -> camera VLAN (works, I guess)
But if I plug *something* in ether2-7, I want to have BASE_VLAN, without tagging (or... it can be tagged, but I want to access the CAM and IOT from that), and if I access my wifi with IOT, I want to have IOT_VLAN (20) tagging, if I access the basic wifi, I would like to have BASE_VLAN. Before, it worked like a charm with ER-X and UAP's, but with this Mikrotik device I'm stuck. Really-really stuck. I read around 5634 posts, watched more tutorials in this few days than a 10 series show, but I cannot figure it out how this VLAN tagged-untagged works. I already resetted the router 14 times, the config could be wrong, already configured 100 times the WinBox and the WebFig, so this way, I just want to have this basic setup for my home usage. I have around 70 devices, right now the camera is still in an other router, and I bought this to replace that router and the ERX. This device just seems powerful enough. My networking knowledge seems lame, but I am likely to learn more in this (I'm a sw dev, maybe that should be a good thing if you regretting to answer).
Only thing I could manage is the ether8-10 ports, which would be the CAM_VLAN, where the pvid=30. I guess, it works. I have a separete laptop for this testing, and may be a UAP for testing the IOT and base tagging, but that is not working. The plan was that I just configure this mikrotik, plug out from ER-X, plug in to mikrotik, and everything would be working.
Somebody help me with this, right now I am struggling in this simple (?) setup. Is this simple? Or this is like a big enterprise vlan-tagging-untagging-managing-switching thing? I'd like to have this just home usage..
Oh, I just forgot the firewall rules.. Maybe in an other topic (or if I have to do some fw rules, that's ok, but I don't want to access from IOT to BASE, except dns), right now, I am happy if this works for me. I would really love a simple (maybe around 20 lines of config after resetting to default) that would work in this setup. Somebody is lovingly do that for me? I would buy a beer, or a coffee (if you are an antialcoholic), or anything, but my time and stress level is out of control right now.
Thanks.