Hello
how to implement the scheme vlan-per-user on mikrotik 3.20 with ip unnumbered?.

komp ----- cisco2950 trunk ------ ether1 mikrotik ether2 ----- internet

in the trunk are vlan11-13 on mikrotik created vlan11-13 at ether1. vlan11-13 added to bridge1. bridge1 address is 10.10.10.2/24, komp address is 10.10.10.3/24.
the problem is that komp not ping bridge1 if bridge1 included more than one vlan.

what am I doing wrong?
how to properly configure the mikrotik?

Hello
how to implement the scheme vlan-per-user on mikrotik 3.20 with ip unnumbered?.

komp ----- cisco2950 trunk ------ ether1 mikrotik ether2 ----- internet

in the trunk are vlan11-13 on mikrotik created vlan11-13 at ether1. vlan11-13 added to bridge1. bridge1 address is 10.10.10.2/24, komp address is 10.10.10.3/24.
the problem is that komp not ping bridge1 if bridge1 included more than one vlan.

what am I doing wrong?
how to properly configure the mikrotik?

If you have 3550 or higher (newer) switch, you will be able to configure private-vlans. On 2950 there is no such feature, so you can use one vlan for all users, but configure "switchport protected". Look at this documentation:
http://www.cisco.com/en/US/docs/switche ... #wp1158863

Thank you.
but it was in STP.
STP disabled and it worked

Turning off spanning tree in a switching/bridging environment is almost always a very bad idea.
Bridging three VLANs into one another is also almost always a very bad idea.

I see nothing in your (admittedly short) post that indicates any of the scenarios where either isn't a very bad idea, so you should possibly consider revisiting your network layout.