I've setup to virual wlan's, vlan101 has not vlan config and with vlan102 I'm trying to configure the VLAN. I'm doing this so that I can compare what is working and not working.
On the vlan102 wlan interface I don't get an IP address from the DHCP server that I've configured on the wAP itself. In the final setup the DHCP server is located somewhere else in the network.
Connecting on the vlan101 interface, I do get an IP address from the correct pool, but getting the IP takes a long time, too long in my view.
What am I doing wrong? Is this approach to simulate it on a single device achievable? And finally if I've a working setup I want to migrate this to a CAPSMAN configuration. But one step at the time for now.
# oct/28/2021 20:11:23 by RouterOS 6.48.1
# software id = TMGN-VZVM
#
# model = RouterBOARD wAP G-5HacT2HnD
# serial number = 69A50578307F
/interface bridge
add name=bridge
add name=bridgevlan101 vlan-filtering=yes
add name=bridgevlan102
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
disabled=no distance=indoors frequency=auto installation=outdoor mode=\
ap-bridge ssid=MikroTik wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-XXXX distance=indoors frequency=auto installation=outdoor \
mode=ap-bridge ssid=MikroTik wireless-protocol=802.11
add disabled=no keepalive-frames=disabled mac-address=E6:8D:8C:72:D5:30 \
master-interface=wlan1 multicast-buffering=disabled name=wlan3 ssid=\
TestVLAN101 vlan-id=101 vlan-mode=use-tag wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=E6:8D:8C:72:D5:31 \
master-interface=wlan1 multicast-buffering=disabled name=wlan4 ssid=\
TestVLAN102 wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/interface vlan
add interface=ether1 name=vlan101 vlan-id=101
add interface=ether1 name=vlan102 vlan-id=102
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
add name=dhcp_pool_vlan101 ranges=172.16.0.100-172.16.0.254
add name=dhcp_pool_vlan102 ranges=172.16.1.100-172.16.1.200
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
add address-pool=dhcp_pool_vlan101 disabled=no interface=bridgevlan101 name=\
dhcp1
add address-pool=dhcp_pool_vlan102 disabled=no interface=bridgevlan102 name=\
dhcp2
/interface bridge port
add bridge=bridge interface=wlan1
add bridge=bridge interface=wlan2
add bridge=bridgevlan101 interface=wlan3 multicast-router=disabled
add bridge=bridgevlan102 interface=wlan4 multicast-router=disabled
add bridge=bridgevlan101 interface=vlan101 multicast-router=disabled
add bridge=bridgevlan102 interface=vlan102 multicast-router=disabled
/interface bridge vlan
add bridge=bridgevlan101 tagged=wlan3,ether1 vlan-ids=101
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=bridge list=LAN
add interface=ether1 list=WAN
add interface=bridgevlan101 list=LAN
add interface=bridgevlan102 list=LAN
/ip address
add address=192.168.88.1/24 interface=bridge network=192.168.88.0
add address=172.16.0.0/24 interface=bridgevlan101 network=172.16.0.0
add address=172.16.1.0/24 interface=bridgevlan102 network=172.16.1.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=172.16.0.0/24 gateway=172.16.0.1
add address=172.16.1.0/24 gateway=172.16.1.0
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
disabled=yes ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
disabled=yes ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related disabled=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked disabled=yes
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid disabled=yes
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new disabled=yes in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=bridge type=internal
add interface=ether1 type=external
/system clock
set time-zone-name=Europe/Amsterdam
/system logging
add topics=dhcp
add topics=wireless