Community discussions

MikroTik App
 
tsnetworking
just joined
Topic Author
Posts: 1
Joined: Sat Feb 20, 2021 12:23 am

Transparent AP Setup with VLANs

Sat Feb 20, 2021 12:52 am

I need help with the Config of a wireless AP in a transparent Bridge Mode, as the subnets and VLANs are handled buy a outside non Mikrotik Router and Switch. I have a Mikrotik mANT 12s, which does not have a switch chip. I have Tagged VLANs coming into eth1, and need them distributed out to wireless clients (mobile devices). Each VLAN has separate Subnets. The VLANS come in TAGGED from a switch, and as far as my knowledge goes, they should go out to clients UNTAGGED. I have setup the IP lists with all corresponding IP ranges, to the current interfaces. I have created one bridge, and placed all ports under that one bridge including eth1. When I set up the Wlans for each SSID, I specify the VLAN tag for each. Under each port, I specify the PVID, and set it for accept VLAN TAGGED ONLY, and Ingress Filtering (DO I need this ?).

The question I have is that is this correct and enough. one thing i notice is that in winbox, when i search for neighboring devices, my AP shows up with the correct IP, but only some times, sometimes it comes up under one of the WLAN IPs. Of course i cant connect to it, only when i type in the correct IP, will winbox connect to my device. All phones do connect through to my router and out to the internet. I have also set up Bridge VLAN filtering and set up Bridge VLANs and all of that, but i also read that since I don't have a switch port, that that extra VLAN stuff is just that EXTRA, and not properly utilized in my AP, and Also could increase CPU LOAD. This AP could see 10 Devices at any time, and I don't need CPU overhead issues ass well.

Im just looking for guidance, if I am [on the right track here for setting up a transparent Bridge, and Why WInbox sometimes displays the wrong IP for my AP.
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 6157
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Transparent AP Setup with VLANs

Wed Feb 24, 2021 6:03 pm

Correct,
Never used that MT device, however ROS is pretty standard.
Basic is to use a bridge to handle all the vlans and wlans.
Identify the vlans on the MT device.
Set up bridge ports and bridge vlans appropriatelly
Set up wifi appropriately.

This guide may be helpful in that regard.
The only tricky things is you are saying wireless AP, meaning it gets signal wirelessly and then also sends out wifi to its own clients.
Do you have two separate radios (one receives traffic from the main source) and the other used to TX/RCVE to local devices??

viewtopic.php?f=23&t=143620


BASIC CONCEPT
Take existing bridge or if none make one, would be to change name and nothing else (keep defaults). After you fill in the rest of the stuff below (as per the guide, its just a rough swag), then you go back to the Bridge and select vlan filtering=YES.

BRIDGE-WLAN (keep default vlanid=1)

bridge ports would include
- INCOMING WLAN (trunk port) (ingress filtering=yes)
- LOCAL WLAN1 (access port) (only priority and untagged packets)
- LOCAL WLAN2 (access port). (only priority and untagged packets)

tagged: BRIDGE-WLAN,INCOMING WLAN, untagged: LOCAL WLAN1 vlanid=10
tagged: BRIDGE-WLAN, INCOMING WLAN, untagged: LOCAL WLAN2 vlanid=20
tagged: BRIDGE-WLAN, INCOMING WLAN, vlanid=5 (assuming this is the managment vlan and the LAN subnet which gives your MT AP, its LANIP address).
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!

Who is online

Users browsing this forum: No registered users and 46 guests