Community discussions

 
Elliot
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Tue May 30, 2017 3:04 pm

VLAN Isolation

Mon Aug 12, 2019 10:33 pm

Hi guys,
I have found myself in a peculiar situation. I'm working as network engineer for about 2 years now without any formal education or knowledge. I'd like to think that I'm smart so I was able to learn a lot of things fast. I was able to self taught myself a lot of thing about how netwrok a data work, about different protocols (RSTP, BGP, MPLS..), but sometimes it can be pretty hard to configure something you've never seen and/or done before.

I work for a small ISP (about 3000 clients) and I bassically manage the whole network myself and recently my boss (former network administrator) make a deal for L2 100Mbit/s connectivity for a local company. Since he doesn't really know how to configure a lot of things in network he gave me this task and put in charge of this project that by the way needs to be done in a WEEK!
The setup should be pretty simple...

All I need is to setup a single VLAN on our network that will be directly connected to their ISP. Since we don't use any VLAN on our network (I know it's terrible) I think it should be easy.
Basically I need VLAN 1679 that will be forwarded trough couple of wireless radios (Mimosa networks) and of course switches. Something like this:

Company ISP -> Cisco switch -> Cisco switch -> Mikrotik CRS326 (all ports in bridge) -> Mikrotik CRS326 (all ports in bridge) -> PtP 24G -> Mikrotik CRS112 (WAN port1 and port 2 be connected to PtP in our administration) -> PtP 24G -> their Router with VLAN 1679

I know how to configure VLAN on Cisco devices and in CRS326 but I'm not sure about CRS112.

I have configured CRS112 as follows:
/interface vlan
add name=VLAN200 interface=ether1,ether2 vlan-id=1679
/interface ethernet switch egress-vlan-tag
add tagged-ports=ether1,ether2 vlan-id=1679
My questions for you guys are
1. will this configuration work?
2. If yes, will company be able to access our network (that is untagged)
3. will I be able to access PtP 24G radio link at company's side that will have our IPs on untagged default vlan?

Thank you very much in advance for any advice and/or responce. Whoever send me right configuration will be send cyber cake :D

Who is online

Users browsing this forum: No registered users and 60 guests