RouterOS: 7.18.2
I currently have three Wi-Fi interfaces, one of which is a guest network:
Code: Select all
/interface wifi
set [ find default-name=wifi1 ] configuration=5GHz disabled=no security=5GHz
set [ find default-name=wifi2 ] configuration=2GHz disabled=no security=2GHz
add configuration=Guest mac-address=<REPLACED> master-interface=wifi2 name=wifi3 security=Guest
/interface bridge
add admin-mac=<REPLACED> auto-mac=no comment=defconf name=bridge port-cost-mode=short protocol-mode=none vlan-filtering=yes
/interface bridge port
add bridge=bridge comment="5 GHz Wi-Fi" frame-types=admit-only-untagged-and-priority-tagged interface=wifi1 pvid=10
add bridge=bridge comment="2.4 GHz Wi-Fi" frame-types=admit-only-untagged-and-priority-tagged interface=wifi2 pvid=10
add bridge=bridge comment="Guest Wi-Fi" frame-types=admit-only-untagged-and-priority-tagged interface=wifi3 pvid=40
add bridge=bridge comment="Trunk" frame-types=admit-only-vlan-tagged interface=ether1
/interface bridge vlan
add bridge=bridge tagged=ether1,bridge untagged=ether3 vlan-ids=99
add bridge=bridge tagged=ether1 untagged=wifi1,wifi2 vlan-ids=10
add bridge=bridge tagged=ether1 untagged=wifi3 vlan-ids=40
Code: Select all
/interface wifi security multi-passphrase
add group=2GHz passphrase=passphrase1 vlan-id=40 isolation=yes
add group=2GHz passphrase=passphrase2 vlan-id=10
/interface wifi security
add authentication-types=wpa3-psk name=5GHZ passphrase=passphrase0 wps=disable
add authentication-types=wpa2-psk name=2GHZ multi-passphrase-group=2GHz wps=disable
Things I have tried include setting pvid=1 for wifi2 in /interface bridge port and setting frame-types=admit-all for the same, but neither had any noticeable effect. Also note that if I unset the vlan-id values in the multi-passphrase configuration, everything works as expected (except both passphrases put users on the same VLAN).
