Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Management VLAN Struggling

Post Reply
 
ConfigTest
just joined
Topic Author
Posts: 4
Joined: Mon Sep 18, 2023 11:51 am

Management VLAN Struggling

Mon Sep 18, 2023 12:00 pm

Hi,

I'm struggling with the config of my management VLAN. Would someone be avle to advise what I have got wrong below?

My intention is for the CRS112 to uplink to a cisco switchport on ether8 using a trunk port for VLAN99 (Management) and VLAN40 (Guest). I have configured ether7 into VLAN99 to allow myself to access the management interface, however I cannot login to it. The CRS will not be providing DCHP or acting as a gateway and is joining an existing management VLAN.

Have followed the videos below:

https://www.youtube.com/watch?v=swXS4sO ... etworkTrip
https://help.mikrotik.com/docs/display/ ... ment+tools

Do I need to enable access to winbox to 172.16.10.10?

How do i then delete the default IP of 0.0.0.0 which I can access via ether5?

I have followed the attached guides
Code: Select all
# jan/02/1970 00:39:53 by RouterOS 6.48.6
# software id = 1C8P-4ZZP
#
# model = CRS112-8P-4S
# serial number = <edited> 
/interface bridge
add name=bridge1
/interface vlan
add interface=bridge1 name=MGMT vlan-id=99
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=\
    ether1,ether2,ether7,ether8
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether8
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether3
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface ethernet switch egress-vlan-tag
add tagged-ports=switch1-cpu,ether8 vlan-id=99
add tagged-ports=ether8 vlan-id=40
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=40 ports=ether1,ether2
add customer-vid=0 new-customer-vid=99 ports=ether7
/interface ethernet switch vlan
add ports=ether7,ether8 vlan-id=99
add ports=ether1,ether2 vlan-id=40
/ip address
add address=172.16.10.10/24 interface=MGMT network=172.16.10.0
/ip route
add distance=1 dst-address=0.0.0.0/32 gateway=172.16.10.1
/system identity
set name=RouterOS
Last edited by holvoetn on Mon Sep 18, 2023 12:03 pm, edited 1 time in total.
Reason: Code quotes, removed serial
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 17447
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Management VLAN Struggling

Mon Sep 18, 2023 4:37 pm

https://help.mikrotik.com/docs/pages/vi ... =103841835
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 17447
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Management VLAN Struggling

Mon Sep 18, 2023 4:40 pm

All devices should get their IP address from the management subnet.
Thus assuming you can get a static IP from the cisco admin for your device, simply make an IP address assignment to the Unit by
add address=whatever interface=vlan-manage network=whatever.0

The only vlan requiring identification is the management vlan the rest are carried by in through trunk port and out through exit ports (via /interface bridge ports and bridge vlans)
Top
 
ConfigTest
just joined
Topic Author
Posts: 4
Joined: Mon Sep 18, 2023 11:51 am

Re: Management VLAN Struggling

Mon Sep 18, 2023 5:23 pm

All devices should get their IP address from the management subnet.
Thus assuming you can get a static IP from the cisco admin for your device, simply make an IP address assignment to the Unit by
add address=whatever interface=vlan-manage network=whatever.0

The only vlan requiring identification is the management vlan the rest are carried by in through trunk port and out through exit ports (via /interface bridge ports and bridge vlans)
Sorry have I not achieved this? I can see this address show on winbox as a neighbor of 172.16.10.0 however I cannot connect to it, I have configured my laptop with a static address in the same subnet.

add address=172.16.10.10/24 interface=MGMT network=172.16.10.0
/ip route
Top
 
ConfigTest
just joined
Topic Author
Posts: 4
Joined: Mon Sep 18, 2023 11:51 am

Re: Management VLAN Struggling

Mon Sep 18, 2023 11:00 pm

https://help.mikrotik.com/docs/pages/vi ... =103841835
Hi,

I've read this post but struggling to translate from Cisco/Aruba. Where am I going wrong?
Top
 
ConfigTest
just joined
Topic Author
Posts: 4
Joined: Mon Sep 18, 2023 11:51 am

Re: Management VLAN Struggling

Mon Sep 18, 2023 11:01 pm

All devices should get their IP address from the management subnet.
Thus assuming you can get a static IP from the cisco admin for your device, simply make an IP address assignment to the Unit by
add address=whatever interface=vlan-manage network=whatever.0

The only vlan requiring identification is the management vlan the rest are carried by in through trunk port and out through exit ports (via /interface bridge ports and bridge vlans)
Are ypu stating here that i should tag all passable traffic (access) and then untag the management vlan (native)?
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 17447
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Management VLAN Struggling

Mon Sep 18, 2023 11:03 pm

viewtopic.php?t=182276
Top
Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot], Moba, Semrush [Bot] and 14 guests
  4. RouterOS
  5. Beginner Basics