Community discussions

MikroTik App
 
jforcand
just joined
Topic Author
Posts: 1
Joined: Thu Jul 15, 2021 6:02 am

DHCP / Static VLAN IP - RB750Gr3

Thu Jul 15, 2021 6:05 am

Hi - I am a novice setting up a routerboard and I am attempting to create 3 VLANs which each have a DHCP server providing IPs from a pool.

This is the tutorial I watched to do the setup: https://youtu.be/pdpFAxwocTo

The router has the default 192.168.100.0/24 (changed 3rd octet from 88 to 100) and I created 2 additional VLANs 10.1.50.0/24 and 172.16.66.0/24 which should be tied to ethernet 2 port.

When I plug in a device to the router, I get a DHCP 192.168.88.x address and can ping the 10.1.50.1 and 172.16.66.3 gateway IPs, but when I try to set a static IP on the 10.1.50.x or 172.16.66.x addresses, I can not ping their gateways nor the 192.167.88.x

My configuration is pasted below. Looking for where I may be off to have ability to use the VLANs. Thank you.
Note I read the guide 'Using RouterOS to VLAN your network viewtopic.php?f=23&t=143620'
I think the pattern it speaks to I'm after is the 'all in one' configuration.
# jan/02/1970 00:54:40 by RouterOS 6.48.2
# software id = E6GF-Z7TE
#
# model = RB750Gr3
# serial number = [redacted]
/interface bridge
add admin-mac=C4:AD:34:EE:4E:A4 auto-mac=no comment=defconf name=bridge
/interface vlan
add interface=ether2 name=VLAN10 vlan-id=10
add interface=ether2 name=VLAN20 vlan-id=20
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.100.10-192.168.100.254
add name=dhcp_pool1 ranges=10.1.50.100-10.1.50.110
add name=dhcp_pool2 ranges=172.16.66.100-172.16.66.110
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
add address-pool=dhcp_pool1 disabled=no interface=VLAN10 name=dhcp_vlan1
add address-pool=dhcp_pool2 disabled=no interface=VLAN20 name=dhcp_vlan2
/interface bridge port
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge interface=ether2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.100.1/24 comment=defconf interface=bridge network=\
    192.168.100.0
add address=10.1.50.1/24 interface=VLAN10 network=10.1.50.0
add address=172.16.66.3/24 interface=VLAN20 network=172.16.66.0
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server network
add address=10.1.50.0/24 comment=#test dns-server=9.9.9.9 gateway=10.1.50.1 \
    netmask=24
add address=172.16.66.0/24 comment=test2 dns-server=9.9.9.9 gateway=\
    172.16.66.3 netmask=24
add address=192.168.100.0/24 comment=defconf gateway=192.168.100.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.100.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none log=yes out-interface-list=WAN
/system identity
set name=MikroTikLab
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

Who is online

Users browsing this forum: Bing [Bot] and 41 guests