Hi there!
I am new to Mikrotik and would like to be assisted in my configs. I really like the Mikrotik capability.
I have two WAN connections and 4 VLANS. 3 VLANS 10,20 and 30 are on the Switch ether 2,3 and respectively. VLAN 40 is on ether 3 of the R1. VLAN 99 is the management VLAN.
The problem I have is that I cannot ping the gateway for any of the VLANS e.g. hosts on 10.10.10.0/24 cannot ping 10.10.10.1.
I cannot connect to the Switch using the 10.99.99.2 as the ping says error.
I have exported the current configs for both the Router and the Switch and would appreciate to be guided.
ROUTER (R1)
# jul/13/2021 18:34:40 by RouterOS 6.48.3
/interface bridge
add name=bridge
/interface ethernet
set [ find default-name=combo1 ] comment=ISP1
set [ find default-name=ether1 ] comment=ISP2
/interface vlan
add interface=ether2 name=vlan10-Cust.1 vlan-id=10
add interface=ether2 name=vlan20-Cust.2 vlan-id=20
add interface=ether2 name=vlan30-Cust.3 vlan-id=30
add interface=ether3 name=vlan40-HOME vlan-id=40
add interface=ether2 name=vlan99-MGMT vlan-id=99
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=10.10.10.2-10.10.10.254
add name=dhcp_pool1 ranges=10.20.20.2-10.20.20.254
add name=dhcp_pool2 ranges=10.30.30.2-10.30.30.254
add name=dhcp_pool3 ranges=10.40.40.2-10.40.40.254
add name=dhcp_pool4 ranges=10.99.99.2-10.99.99.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=vlan10-Cust.1 lease-time=1d \
name=dhcp1
add address-pool=dhcp_pool1 disabled=no interface=vlan20-Cust.2 lease-time=1d \
name=dhcp2
add address-pool=dhcp_pool2 disabled=no interface=vlan30-Cust.3 lease-time=1d \
name=dhcp3
add address-pool=dhcp_pool3 disabled=no interface=bridge lease-time=1d name=\
dhcp4
add address-pool=dhcp_pool4 disabled=no interface=vlan99-MGMT lease-time=1d \
name=dhcp5
/queue tree
add max-limit=30M name=Cust.1-UPLOAD packet-mark=Cust.1-UPLOAD parent=global
add max-limit=30M name=Cust.1-DOWNLOAD packet-mark=Cust.1-DOWNLOAD parent=global
add max-limit=7M name=Cust.2-UPLOAD packet-mark=Cust.2-UPLOAD parent=global
add max-limit=7M name=Cust.2-DOWNLOAD packet-mark=Cust.2-DOWNLOAD parent=global
add max-limit=7M name=Cust.3-UPLOAD packet-mark=Cust.3-UPLOAD parent=global
add max-limit=7M name=Cust.3-DOWNLOAD packet-mark=Cust.3-DOWNLOAD parent=global
/interface bridge port
add bridge=bridge interface=ether3
add bridge=bridge interface=vlan40-HOME
add bridge=bridge interface=ether2
/ip address
add address=10.10.10.1/24 interface=vlan10-Cust.1 network=10.10.10.0
add address=10.20.20.1/24 interface=vlan20-Cust.2 network=10.20.20.0
add address=10.30.30.1/24 interface=vlan30-Cust.3 network=10.30.30.0
add address=10.40.40.1/24 interface=vlan40-HOME network=10.40.40.0
add address=10.99.99.1/24 interface=vlan99-MGMT network=10.99.99.0
/ip dhcp-client
add comment=ISP1 disabled=no interface=combo1
add comment=ISP2 disabled=no interface=ether1
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1
add address=10.20.20.0/24 gateway=10.20.20.1
add address=10.30.30.0/24 gateway=10.30.30.1
add address=10.40.40.0/24 gateway=10.40.40.1
/ip firewall mangle
add action=mark-packet chain=prerouting new-packet-mark=Cust.1-UPLOAD \
passthrough=yes src-address=10.10.10.0/24
add action=mark-packet chain=prerouting new-packet-mark=Cust.2-UPLOAD \
passthrough=yes src-address=10.20.20.0/24
add action=mark-packet chain=prerouting new-packet-mark=Cust.3-UPLOAD \
passthrough=yes src-address=10.30.30.0/24
add action=mark-packet chain=postrouting dst-address=10.30.30.0/24 \
new-packet-mark=Cust.3-DOWNLOAD passthrough=yes
add action=mark-packet chain=postrouting dst-address=10.20.20.0/24 \
new-packet-mark=Cust.2-DOWNLOAD passthrough=yes
add action=mark-packet chain=postrouting dst-address=10.10.10.0/24 \
new-packet-mark=Cust.1-DOWNLOAD passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat src-address=10.10.10.0/24
add action=masquerade chain=srcnat src-address=10.20.20.0/24
add action=masquerade chain=srcnat src-address=10.30.30.0/24
add action=masquerade chain=srcnat src-address=10.40.40.0/24
add action=masquerade chain=srcnat src-address=10.99.99.0/24
/ip route
add distance=1 gateway=192.168.200.1 routing-mark=To_ISP1
add distance=1 gateway=192.168.0.1 routing-mark=To_ISP2
/ip route rule
add src-address=10.10.10.0/24 table=To_ISP1
add src-address=10.20.20.0/24 table=To_ISP2
add src-address=10.30.30.0/24 table=To_ISP2
add src-address=10.40.40.0/24 table=To_ISP1
SWITCH (S1)
# jan/02/1970 10:30:54 by RouterOS 6.48.3
/interface bridge
add name=bridge1
/interface vlan
add interface=bridge1 name=vlan99 vlan-id=99
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=\
ether1,ether2,ether3,ether4
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
/interface ethernet switch egress-vlan-tag
add tagged-ports=ether1 vlan-id=10
add tagged-ports=ether1 vlan-id=20
add tagged-ports=ether1 vlan-id=30
add tagged-ports=switch1-cpu,ether1 vlan-id=99
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=10 ports=ether2
add customer-vid=0 new-customer-vid=20 ports=ether3
add customer-vid=0 new-customer-vid=30 ports=ether4
/interface ethernet switch vlan
add ports=ether1,ether2,ether3,ether4 vlan-id=10
add ports=ether1,ether2,ether3,ether4 vlan-id=20
add ports=ether1,ether2,ether3,ether4 vlan-id=30
add ports=switch1-cpu,ether1 vlan-id=99
/ip address
add address=10.99.99.2/24 interface=vlan99 network=10.99.99.0
/ip firewall filter
add action=accept chain=forward in-interface=all-vlan out-interface=all-vlan
/ip route
add distance=1 gateway=10.99.99.1
/system identity
set name=S1