Community discussions

MikroTik App
 
Lieven
just joined
Topic Author
Posts: 2
Joined: Sun Mar 28, 2021 12:15 pm

Basic Router + switch + ap with VLAN

Sat May 21, 2022 12:50 am

Hi experts and guru's
i'm new to Mikrotik (about 6 months now). checked a lot of youtube (wirelessinfo, the network berg, ..) and the forum here.
lots of good stuff, documentation en help to find here on the forum, like. viewtopic.php?t=143620#p706997

I'm making a project for school with Mikrotik devices. Working with a hAP ac2 (as router), a CRS328-24p-4s as switch (routerOS) and mAP as AP....All running ROS 7.2.2.
i have a running config with router, switch, ap. capsman several SSID, hotspot (on one SSID) with (internal) radius and usermanager. ...
Yep ! all working like a charm.....but in flat network... i mean no VLAN.... so i want to add VLANs. After a lot of try, fail and retry...i dropped it all starting from scratch.

Now trying for more than a month to get VLAN working. Several configurations (with one bridge, bridge for every VLAN, ...) At some point i'm not able to get VLAN working.
Even just importing the files form the link above give me troubles. i must doing something wrong, or there is something i don't get....

i've attached 2 files, one router01-new01 and one switch01-new01 exports from the devices.
i've just followed the above link, with some adjustmens of ports.

Situation :
on the router i have port ether4 as pvid=50 -> getting proper ip of 192.168.50.254 when connecting a laptop.
so seams (if i may say so) that VLAN and DHCP is working properly (at least for that port in that VLAN, localy on the router).

The router, port Ether1 is the WAN-link to ISP (dhcp-client)
The router, Port Ether2 is the trunk to the switch01 -> the receiving end on the switch01 is the trunkport sfp-sfpplus1.
The router, Port Ether3 is the trunk to the AP01

On the switch01 several ports are in different vlans, none of them getting a IP-address from de DHCP-server in their VLAN from the Router.
except on port Ether24 witch i put in VLAN99 (mgmt).
on the AP01, i see the SSID, i can "connect", provide password... but at the end, i don't get any ip-address.

-> can you help me to get this working?
thanks in advance !

Note, for you who are wondering...next steps will be :
- trunk to AP
- Capsman config and controle the AP
- multiple (4) SSID's : for VLANs private, family, Guest , and IOT
- Hotspot for Guest network
- user-manager for hotspot with radius for Guest network
- Building up firewall (or at leas try)
And if it's all back up and running ... i'll try my first steps in to wireguard and make a site to site connection.

So it could mean that you will see more of my posting here.:)
if you have any good code that i can learn from, it's always welcome :)
or put my nose in the right direction and give me a push :D

Anyway, thanks in advance for who can help me out in any way.

second note (to myself), half june is my deadline :shock:
You do not have the required permissions to view the files attached to this post.
 
tdw
Forum Guru
Forum Guru
Posts: 1843
Joined: Sat May 05, 2018 11:55 am

Re: Basic Router + switch + ap with VLAN  [SOLVED]

Sat May 21, 2022 2:41 am

The switch is missing /interface bridge vlan entries for all VLANs except 99.

You should not set the bridge PVID to have the same value as an /interface vlan, either
/interface bridge add name=BR1 protocol-mode=none pvid=991 vlan-filtering=yes
/interface vlan add interface=BR1 name=MGMT_VLAN vlan-id=99
/interface bridge vlan add bridge=BR1 tagged=BR1,sfp-sfpplus1,sfp-sfpplus2 vlan-ids=99
/ip address add address=192.168.99.2/24 interface=MGMT_VLAN network=192.168.99.0

or
/interface bridge add name=BR1 protocol-mode=none pvid=99 vlan-filtering=yes
/interface vlan add interface=BR1 name=MGMT_VLAN vlan-id=99
/interface bridge vlan add bridge=BR1 tagged=BR1,sfp-sfpplus1,sfp-sfpplus2 untagged=BR1 vlan-ids=99
/ip address add address=192.168.99.2/24 interface=MGMT_VLANBR1 network=192.168.99.0
 
Lieven
just joined
Topic Author
Posts: 2
Joined: Sun Mar 28, 2021 12:15 pm

Re: Basic Router + switch + ap with VLAN

Sun May 22, 2022 10:14 am

Hey tdw, many thanks ! i've implemented your advice of changes. got it working now ! thanks to you !

Who is online

Users browsing this forum: BioMax, mbovenka, PBondurant, valeb and 51 guests