Community discussions

MikroTik App
 
bartplessers
just joined
Topic Author
Posts: 1
Joined: Sat Feb 25, 2023 11:50 pm

multiple SSID: best practice?

Wed May 31, 2023 9:59 pm

Hi,

I'm running Mikrotik OS v7.9.2 on a ROUTER_MIKROTIK_APG-5HacD2HnD-BE
I want to run separte SSID's, all with their own IP-range and DHCP server.
I managed to do this as follow:
- configured my device as a basic NAT router
- added 4 virtual wifi interfaces to my physical interface (GUEST, STAGING, IOT, PRIVATE)
- added IP's, DHCP servers, pools to the interfaces

everything works fine.


However, maybe a stupid question....
Now I have a "parent" interface (the original one) and 4 "child" SSID's (all the virtual that I added)
The "parent" is in fact not needed anymore now. It's a bit overhead.
So what should I do? use the parent as one of my SSID's? Or just leave it now as "overhead"

my config:
# may/31/2023 20:58:01 by RouterOS 7.9.2
# software id = 5QTH-QG9H
#
# model = RBwAPG-5HacD2HnD
# serial number = HCT0861GJKS
/interface bridge
add name=bridge-GUESTS
add name=bridge-IOT
add name=bridge-PRIVATE
add name=bridge-STAGING
add name=bridge-default
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=PRIVATE \
    supplicant-identity=""
add authentication-types=wpa2-psk mode=dynamic-keys name=IOT \
    supplicant-identity=""
add authentication-types=wpa2-psk mode=dynamic-keys name=GUESTS \
    supplicant-identity=""
add authentication-types=wpa2-psk mode=dynamic-keys name=STAGING \
    supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-g/n country=belgium disabled=no \
    installation=outdoor mode=ap-bridge name=wlan-2GHz security-profile=\
    PRIVATE ssid=BEARFORCE-TUIN-2GHZ
set [ find default-name=wlan2 ] country=belgium disabled=no mode=ap-bridge \
    name=wlan-5GHz security-profile=PRIVATE ssid=BEARFORCE-TUIN-5GHz
add disabled=no keepalive-frames=disabled mac-address=1A:FD:74:56:FC:17 \
    master-interface=wlan-2GHz multicast-buffering=disabled name=\
    BEARFORCE-GUESTS security-profile=GUESTS ssid=BEARFORCE-GUESTS \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=1A:FD:74:56:FC:16 \
    master-interface=wlan-2GHz multicast-buffering=disabled name=\
    BEARFORCE-IOT security-profile=IOT ssid=BEARFORCE-IOT wds-cost-range=0 \
    wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=1A:FD:74:56:FC:18 \
    master-interface=wlan-2GHz multicast-buffering=disabled name=\
    BEARFORCE-PRIVATE security-profile=PRIVATE ssid=BEARFORCE-PRIVATE \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=1A:FD:74:56:FC:15 \
    master-interface=wlan-2GHz multicast-buffering=disabled name=\
    BEARFORCE-STAGING security-profile=STAGING ssid=BEARFORCE-STAGING \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=pool-default ranges=192.168.5.101-192.168.5.249
add name=pool-GUESTS ranges=192.168.6.101-192.168.6.249
add name=pool-IOT ranges=192.168.7.100-192.168.7.249
add name=pool-STAGING ranges=192.168.8.100-192.168.8.249
add name=pool-PRIVATE ranges=192.168.9.100-192.168.9.249
/ip dhcp-server
add address-pool=pool-default interface=bridge-default name=dhcp-default
add address-pool=pool-GUESTS interface=bridge-GUESTS name=dhcp-GUESTS
add address-pool=pool-IOT interface=bridge-IOT name=dhcp-IOT
add address-pool=pool-STAGING interface=bridge-STAGING name=dhcp-STAGING
add address-pool=pool-PRIVATE interface=bridge-PRIVATE name=dhcp-PRIVATE
/interface bridge port
add bridge=bridge-default disabled=yes interface=ether1
add bridge=bridge-default interface=ether2
add bridge=bridge-default interface=wlan-2GHz
add bridge=bridge-default interface=wlan-5GHz
add bridge=bridge-STAGING interface=BEARFORCE-STAGING
add bridge=bridge-IOT interface=BEARFORCE-IOT
add bridge=bridge-GUESTS interface=BEARFORCE-GUESTS
add bridge=bridge-PRIVATE interface=BEARFORCE-PRIVATE
/ipv6 settings
set disable-ipv6=yes
/interface list member
add interface=ether1 list=WAN
add interface=bridge-default list=LAN
/ip address
add address=192.168.5.1/24 interface=bridge-default network=192.168.5.0
add address=192.168.4.8/24 interface=ether1 network=192.168.4.0
add address=192.168.6.1/24 interface=bridge-GUESTS network=192.168.6.0
add address=192.168.7.1/24 interface=bridge-IOT network=192.168.7.0
add address=192.168.8.1/24 interface=bridge-STAGING network=192.168.8.0
add address=192.168.9.1/24 interface=bridge-PRIVATE network=192.168.9.0
/ip dhcp-client
add interface=bridge-default
/ip dhcp-server network
add address=0.0.0.0/24 dns-server=0.0.0.0 gateway=0.0.0.0 netmask=24
add address=192.168.5.0/24 dns-server=192.168.4.1,8.8.8.8 domain=\
    bearforce.home gateway=192.168.5.1 netmask=24
add address=192.168.6.0/24 dns-server=192.168.4.1,8.8.8.8 domain=\
    bearforce.guests gateway=192.168.6.1
add address=192.168.7.0/24 dns-server=192.168.4.1,8.8.8.8 domain=\
    bearforce.iot gateway=192.168.7.1
add address=192.168.8.0/24 dns-server=192.168.4.1,8.8.8.8 domain=\
    bearforce.staging gateway=192.168.8.1
add address=192.168.9.0/24 dns-server=192.168.4.1,8.8.8.8 domain=\
    bearforce.private gateway=192.168.9.1
/ip dns
set servers=192.168.4.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/system clock
set time-zone-name=Europe/Brussels
/system identity
set name=ROUTER_MIKROTIK_APG-5HacD2HnD-BE
/system note
set show-at-login=no
Any comments and suggestions appreciated!

Kind regards,
Bart
 
holvoetn
Forum Guru
Forum Guru
Posts: 5324
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: multiple SSID: best practice?

Thu Jun 08, 2023 9:57 pm

You always need the parent and it has to be active or there are no children.
Works in life similarly :lol: (not referring to lab-stuff ...)

So you need to move one of the child configs to the parent.
And then there are 3 children. Plus 1 parent = 4 SSIDs.

Who is online

Users browsing this forum: GoogleOther [Bot], loloski, Netstumble and 43 guests