Community discussions

MikroTik App
 
KorvusKrash
just joined
Topic Author
Posts: 7
Joined: Mon Nov 11, 2024 1:49 am

Completely lost with regards to VLANs

Mon Nov 11, 2024 1:58 am

Super beginner here so please be gentle. I have two VLANs set up on my Unifi router with IDs 1 and 2, and I have my Mikrotik CRS310-8G+2s+IN switch connected to it via its SFP+1 uplink. I cannot for the life of me get VLAN tagging to work, I want eth1 and eth2 on VLAN 1, the rest on VLAN 2. I have gone into bridge and interface, added both VLANs, untagged eth1 and eth2 on VLAN 1 and tagged SFP+1, and on VLAN 2 I've untagged eth3-eth8 and tagged SFP+1. Enabling VLAN filtering just makes it so none of my devices can access the internet and I'm getting super frustrated because I just don't understand. Also can someone explain a management VLAN like I'm 5? That is just beyond me.

Thanks for taking the time to help a total noob.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21783
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Completely lost with regards to VLANs

Mon Nov 11, 2024 6:45 am

Read this: viewtopic.php?t=143620

Watch this: https://www.youtube.com/watch?v=YLtGQAQ ... 9yayB0cmlw

What I recommend is take a port OFF the bridge assign it an IP like 192.168.55.0/30
Then plug into the port with laptop and change IPV4 settings to 192.168.55.2 and you should be in.
Make sure the port is part of the LAN interface list.

Its a safer way to config the MT switch or router while frigging with vlans and one bridge.
Last edited by anav on Mon Nov 11, 2024 3:58 pm, edited 1 time in total.
 
jaclaz
Forum Guru
Forum Guru
Posts: 1917
Joined: Tue Oct 03, 2023 4:21 pm

Re: Completely lost with regards to VLANs

Mon Nov 11, 2024 10:47 am

The first rule is to not use VLAN 1 (it can be used but you should really know what you are doing), rename them to VLAN 10 and VLAN 20, to exclude possible issues that are very difficult to find and troubleshoot.

The complete guide is here:
viewtopic.php?t=143620
 
User avatar
Lokamaya
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Nov 11, 2021 4:40 am
Location: Bandung

Re: Completely lost with regards to VLANs

Mon Nov 11, 2024 1:02 pm

First, I guess you already know how to setup VLAN on Unifi Network Controller (Setting > Networks). As mentioned by Anav and Jaclaz, don't use VLAN ID 1, use another number.

Example:
- name=vlan100
- vlan id=100
- ip-address=192.168.100.1
- netmask=24

(then generate address, see picture)
Capture.JPG

Repeat the process and add:
- name=vlan200
- vlan id=200
- ip-address=192.168.200.1
- netmask=24

Here I use VLAN ID 100 and 200, and also use 192.168.100.1/24 and 192.168.200.1/24 respectively so its easy to remember.

You also can use long name, i.e. vlan100-family (for family) and vlan200-server (for pc/server). This will help you in the future if you want to troubleshoot or make an adjustment.
You do not have the required permissions to view the files attached to this post.
Last edited by Lokamaya on Mon Nov 11, 2024 1:10 pm, edited 1 time in total.
 
User avatar
Lokamaya
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Nov 11, 2021 4:40 am
Location: Bandung

Re: Completely lost with regards to VLANs

Mon Nov 11, 2024 1:09 pm

Second, connect the sfp port from UDM to Mikrotik.

If you want to make adjustment to sfp port on Unifi side, go to Device > Port Setting. But I think leave it as default (except you know what you are doing).

If you already setup Unifi properly, feel free to ask on Mikrotik side.
 
KorvusKrash
just joined
Topic Author
Posts: 7
Joined: Mon Nov 11, 2024 1:49 am

Re: Completely lost with regards to VLANs

Mon Nov 11, 2024 11:54 pm

Thanks for all your help so far. I've managed to get it working, sans WiFi. I have two U6 LR access points, both connected to a poe unmanaged switch, which then connects to SFP2 to my Mikrotik switch. Whenever I turn VLAN filtering on, wired VLANs work just fine, but both of my APs can't assign IP addresses. I have three VLANs set up on the router, with IDs 10, 20 and 30, each of those is mapped to its own WiFi network. I've tried tagging SFP1 with all three VLAN IDs, but that doesn't seem to work either. Any ideas?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21783
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Completely lost with regards to VLANs

Tue Nov 12, 2024 12:35 am

It boggles my mind that you think we can see your config in our heads through the dark night over how many 1000s of miles

/export file=anynameyouwish (minus router serial numnber, any public WANIP information, keys etc.)
 
KorvusKrash
just joined
Topic Author
Posts: 7
Joined: Mon Nov 11, 2024 1:49 am

Re: Completely lost with regards to VLANs

Tue Nov 12, 2024 1:57 am

Never mind, I figured it out! I tagged each VLAN on both SFP ports, making one long trunk effectively across two switches.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21783
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Completely lost with regards to VLANs

Tue Nov 12, 2024 5:10 am

Super!

Who is online

Users browsing this forum: holvoetn and 29 guests