Community discussions

MikroTik App
 
49204412
just joined
Topic Author
Posts: 1
Joined: Sat Dec 26, 2020 3:40 pm

RB OmniTikG-5HacD per VLAN-> SSID

Sat Dec 26, 2020 5:17 pm

Hi,

I've done these kind of configs many many times, but never with a Mikrotik Accesspoint which has also a 5 Port Switch embedded and I am struggling :-(

What currently works:

ethernet1 is configured to tagged vlan 10, 20 and 30 and I've got interfaces defined with a fixed IP address in each vlan.
These three IPs are ping'able from the network and work so far without problems.

Now I want to have three SSIDs

1.) SSID: vlan10
2.) SSID: vlan20
3.) SSID: vlan30

Should not be too hard to configure three SSIDs ans lets tag them as wanted, but it does not work.....

The SSIDs are up and running, and each SSID are tagged to the appropriate vlan tag.

I can see the SSIDs and after connecting no Layer2 Access from WLAN to LAN (tagged) is possible.... on vlan10 and vlan30 is also a DHCP Server active (NOT on the mikrotik itself) and I don't see any requests whatsoever... (WPA2 Authentication worked without problems, bridging from the SSID to the vlan seems to be the problem)

What Do I do wrong?

Here the most relevant parts of my config...:
/interface ethernet
set [ find default-name=ether1 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=enabled \
    arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 loop-protect=default \
    loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=\
    48:8F:5A:66:0F:93 mtu=1500 name=ether1 orig-mac-address=48:8F:5A:66:0F:93 \
    rx-flow-control=off speed=1Gbps tx-flow-control=off
set [ find default-name=ether2 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=enabled \
    arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 loop-protect=default \
    loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=\
    48:8F:5A:66:0F:94 mtu=1500 name=ether2 orig-mac-address=48:8F:5A:66:0F:94 \
    rx-flow-control=off speed=1Gbps tx-flow-control=off
set [ find default-name=ether3 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=enabled \
    arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 loop-protect=default \
    loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=\
    48:8F:5A:66:0F:95 mtu=1500 name=ether3 orig-mac-address=48:8F:5A:66:0F:95 \
    rx-flow-control=off speed=1Gbps tx-flow-control=off
set [ find default-name=ether4 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=enabled \
    arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 loop-protect=default \
    loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=\
    48:8F:5A:66:0F:96 mtu=1500 name=ether4 orig-mac-address=48:8F:5A:66:0F:96 \
    rx-flow-control=off speed=1Gbps tx-flow-control=off
set [ find default-name=ether5 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=enabled \
    arp-timeout=auto auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 loop-protect=default \
    loop-protect-disable-time=5m loop-protect-send-interval=5s mac-address=\
    48:8F:5A:66:0F:97 mtu=1500 name=ether5 orig-mac-address=48:8F:5A:66:0F:97 \
    rx-flow-control=off speed=1Gbps tx-flow-control=off

/queue interface
set bridge queue=no-queue
set bridge1 queue=no-queue
/interface vlan
add arp=enabled arp-timeout=auto disabled=no interface=ether1 loop-protect=\
    default loop-protect-disable-time=5m loop-protect-send-interval=5s mtu=\
    1500 name=vlan10 use-service-tag=no vlan-id=10
add arp=enabled arp-timeout=auto disabled=no interface=ether1 loop-protect=\
    default loop-protect-disable-time=5m loop-protect-send-interval=5s mtu=\
    1500 name=vlan20 use-service-tag=no vlan-id=20
add arp=enabled arp-timeout=auto disabled=no interface=ether1 loop-protect=\
    default loop-protect-disable-time=5m loop-protect-send-interval=5s mtu=\
    1500 name=vlan30 use-service-tag=no vlan-id=30
/queue interface
set vlan10 queue=no-queue
set vlan20 queue=no-queue
set vlan30 queue=no-queue
/interface ethernet switch
set 0 cpu-flow-control=yes mirror-source=none mirror-target=none name=switch1
/interface ethernet switch port
set 0 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 1 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 2 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 3 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 4 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 5 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled


/interface list
set [ find name=all ] comment="contains all interfaces" exclude="" include="" \
    name=all
set [ find name=none ] comment="contains no interfaces" exclude="" include="" \
    name=none
set [ find name=dynamic ] comment="contains dynamic interfaces" exclude="" \
    include="" name=dynamic
set [ find name=static ] comment="contains static interfaces" exclude="" \
    include="" name=static
add comment=defconf exclude="" include="" name=WAN
add comment=defconf exclude="" include="" name=LAN

/queue interface
set ether1 queue=only-hardware-queue
set ether2 queue=only-hardware-queue
set ether3 queue=only-hardware-queue
set ether4 queue=only-hardware-queue
set ether5 queue=only-hardware-queue
set wlan1 queue=wireless-default
set wlan2 queue=wireless-default
set wlan3 queue=wireless-default
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\
    bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\
    17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\
    T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\
    7:17"

/interface bridge port-controller
# disabled
set bridge=none cascade-ports="" switch=none
/interface bridge port-extender
# disabled
set control-ports="" excluded-ports="" switch=none
/interface bridge settings
set allow-fast-path=yes use-ip-firewall=no use-ip-firewall-for-pppoe=no \
    use-ip-firewall-for-vlan=no
/interface bridge vlan
# 
add bridge=bridge1 disabled=no tagged=ether2,wlan1 untagged="" vlan-ids=10
# 
add bridge=bridge1 disabled=no tagged=ether2,wlan2 untagged="" vlan-ids=20
# 
add bridge=bridge1 disabled=no tagged=ether2,wlan3 untagged="" vlan-ids=30

/ip address
add address=192.168.88.1/24 comment=defconf disabled=no interface=bridge \
    network=192.168.88.0
add address=192.168.64.67/24 disabled=no interface=vlan10 network=\
    192.168.64.0
add address=192.168.65.244/24 disabled=no interface=vlan20 network=\
    192.168.65.0
add address=192.168.49.15/24 disabled=no interface=vlan30 network=\
    192.168.49.0


Thanks a lot for your help.

Cheers

49204412

Who is online

Users browsing this forum: accarda and 159 guests