Hello everyone,
I have setup a local network based exclusively on Mikrotik devices for a coworking space I am in charge of. I have a main router, SFP+ switches with optical fiber, a couple of 24 ports POE switches located around the space and a bunch of cAP ACs.
My main router (CCR1009-7G-1C-1S+) has two bridges declared with their own DHCP servers: the first one is for management, the second one is for guests => my firewall rules allow management devices to see everything, and guests can only see other guests and access the internet.
For the moment, the management bridge contains all physical interfaces and guests may only connect using wifi: using CAPsMAN, I have declared my virtual wifi interfaces on the guest bridge and it works well.
The issue I am facing is that I would like to add specific interfaces from some of my switches on my guest bridge (some guests want ethernet). The simple solution would have been to plug them directly on my main router and put that interface on the right bridge, but the point is to be able to connect my guests on the switch that is the closest to them.
Enslaving a remote interface to bridge it on my main router the same way I do it currently with CAPsMAN would have been the best but it does not seem to be possible with physical interfaces.
My guess is that I have to start using VLANs, tagging the interface and route it properly, but I have to admit that I am not confortable with the concept of VLAN at all, so if somebody could take me by the hand, it would be fantastic
Thank you for your help!