Community discussions

MikroTik App
 
0x414c49
just joined
Topic Author
Posts: 12
Joined: Wed Aug 18, 2021 9:29 am

VLAN by MAC Address - RB5009ug+s+in

Sat Aug 28, 2021 1:18 pm

Hi Friends,

Thanks to your help I bought my first Mikrotik router (RB5009ug+s+in) and my mind is blown! All routers before Mikrotik were a joke! a bad joke. I have learned lots of stuff since last night, at the beginning, it looks so difficult because I had to do everything manually but it's easy, I think everything is possible with the script is also possible with UI which is great and I can simply learn scripting with the UI!

I have two ASUS Routers and I'm using them as my Access Points now (They are in AP mode). Unfortunately, they don't support VLAN tagging for SSID. I was thinking to use MAC Address to tag clients (in a list or one by one).

I don't know what to do ... but this is far I went:

1. Created a VLAN over the default bridge
2. Created an IP Pool, DHCP Server for the VLAN
3. ?

I found a configuration in SWITCH -> Rule but I'm not sure if it's the correct configuration!

Can you please guide me through it? I'm not looking for step-by-step or complete scripts, even hints are really appreciated.

Thanks in advance
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: VLAN by MAC Address - RB5009ug+s+in

Sat Aug 28, 2021 7:03 pm

What exactly are you trying to achieve ?

According to the WiKi, RB5009 supports Bridge Vlan Filtering in Hardware Level, meaning that you will not loose the Hardware offload feature...
https://help.mikrotik.com/docs/display/ ... p+Features

Also, here you can see how Bridge VLAN filtering works :
viewtopic.php?f=23&t=143620
 
0x414c49
just joined
Topic Author
Posts: 12
Joined: Wed Aug 18, 2021 9:29 am

Re: VLAN by MAC Address - RB5009ug+s+in

Sun Aug 29, 2021 12:18 pm

What exactly are you trying to achieve ?
My APs don't support VLAN tagging per SSID. I'm thinking to have a separated VLAN for IoT to keep my network a little more secure than it is.

I was thinking if that's possible to tag clients with MAC Address?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: VLAN by MAC Address - RB5009ug+s+in

Sun Aug 29, 2021 12:25 pm

MAC-based VLAN is said to be a bit problematic because it doesn't deliver broadcast and multicast packets (switch does not tag/untag frames with broadcast/multicast MAC addresses). Which includes some of DHCP handshake. So be prepared for some weirdness in operations if you go this way.
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: VLAN by MAC Address - RB5009ug+s+in

Sun Aug 29, 2021 8:48 pm

My APs don't support VLAN tagging per SSID. I'm thinking to have a separated VLAN for IoT to keep my network a little more secure than it is.
Just curious what APs you are using that support multiple SSIDs, but not VLANs?

Who is online

Users browsing this forum: Cmon169, dioeyandika, Google [Bot], tangent and 30 guests