Current configuration that is working correctly if VLAN is manually set on the endpoint. LLDP-MED still eludes me.
Configuration reference:
https://help.mikrotik.com/docs/display/ ... +discovery
# software id = B3E4-HUCH
#
# model = CRS328-24P-4S+
# serial number = ############
/interface bridge add comment="Hosted Bridge" name="Hosted Bridge"
/interface ethernet set [ find default-name=ether1 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether2 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether3 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether4 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether5 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether6 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether7 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether8 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether9 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether10 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether11 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether12 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether13 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether14 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether15 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether16 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether17 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether18 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether19 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether20 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether21 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether22 ] comment="Phone Port"
/interface ethernet set [ find default-name=ether23 ] comment="Uplink to Customer Switch"
/interface ethernet set [ find default-name=ether24 ] comment="Uplink to WAN"
/interface ethernet set [ find default-name=sfp-sfpplus1 ] disabled=yes
/interface ethernet set [ find default-name=sfp-sfpplus2 ] disabled=yes
/interface ethernet set [ find default-name=sfp-sfpplus3 ] disabled=yes
/interface ethernet set [ find default-name=sfp-sfpplus4 ] disabled=yes
/interface vlan add interface="Hosted Bridge" name=VLAN101 vlan-id=101
/interface vlan add interface="Hosted Bridge" name=VLAN202 vlan-id=202
/interface list add name="Hosted Ports"
/interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-server option add code=2 name="GMT Offset -5" value=0xFFFFB9B0
/ip dhcp-server option add code=42 name=NTP value="'0.0.0.0'"
/ip dhcp-server option add code=66 name="Provisioning Server" value="'
https://some.provisioning.server'"
/ip dhcp-server option add code=160 name="Provisioning Server Option 160" value="'
https://some.provisioning.server'"
/ip dhcp-server option add code=129 name=Phone_VLAN value="'VLAN-A=202'"
/ip dhcp-server option sets add name="Phone Options" options="GMT Offset -5,NTP,Phone_VLAN,Provisioning Server,Provisioning Server Option 160"
/ip pool add name="Phone IP Pool" ranges=0.0.0.0-0.0.0.0 ip dhcp-server add address-pool="Phone IP Pool" authoritative=after-2sec-delay dhcp-option-set="Phone Options" disabled=no interface=VLAN202 name="Phone DHCP"
/interface bridge port add bridge="Hosted Bridge" interface=ether1 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether2 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether3 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether4 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether5 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether6 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether7 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether8 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether9 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether10 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether11 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether12 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether13 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether14 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether15 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether16 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether17 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether18 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether19 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether20 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether21 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether22 pvid=101
/interface bridge port add bridge="Hosted Bridge" interface=ether23 pvid=101
/ip neighbor discovery-settings set discover-interface-list="Hosted Ports" lldp-med-net-policy-vlan=202 protocol=lldp
/interface bridge vlan add bridge="Hosted Bridge" tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10,ether11,ether12,ether13,ether14,ether15,ether16,ether17,ether18,ether19,ether20,ether21,ether22 vlan-ids=202
/interface bridge vlan add bridge="Hosted Bridge" untagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10,ether11,ether12,ether13,ether14,ether15,ether16,ether17,ether18,ether19,ether20,ether21,ether22,ether23 vlan-ids=101
/interface list member add interface=ether1 list="Hosted Ports"
/interface list member add interface=ether2 list="Hosted Ports"
/interface list member add interface=ether3 list="Hosted Ports"
/interface list member add interface=ether4 list="Hosted Ports"
/interface list member add interface=ether5 list="Hosted Ports"
/interface list member add interface=ether6 list="Hosted Ports"
/interface list member add interface=ether7 list="Hosted Ports"
/interface list member add interface=ether8 list="Hosted Ports"
/interface list member add interface=ether9 list="Hosted Ports"
/interface list member add interface=ether10 list="Hosted Ports"
/interface list member add interface=ether11 list="Hosted Ports"
/interface list member add interface=ether12 list="Hosted Ports"
/interface list member add interface=ether13 list="Hosted Ports"
/interface list member add interface=ether14 list="Hosted Ports"
/interface list member add interface=ether15 list="Hosted Ports"
/interface list member add interface=ether16 list="Hosted Ports"
/interface list member add interface=ether17 list="Hosted Ports"
/interface list member add interface=ether18 list="Hosted Ports"
/interface list member add interface=ether19 list="Hosted Ports"
/interface list member add interface=ether20 list="Hosted Ports"
/interface list member add interface=ether21 list="Hosted Ports"
/interface list member add interface=ether22 list="Hosted Ports"
/ip address add address=0.0.0.0/0 comment="Uplink to WAN" interface=ether24 network=0.0.0.0
/ip address add address=0.0.0.0/0 comment="PHONE VLAN" interface=VLAN202 network=0.0.0.0
/ip dhcp-server network add address=0.0.0.0/0 dhcp-option-set="Phone Options" dns-server=0.0.0.0,0.0.0.0gateway=0.0.0.0ntp-server=0.0.0.0
/ip firewall address-list add address=0.0.0.0/0 list=MGMT
/ip firewall address-list add address=0.0.0.0/0 list=MGMT
/ip firewall address-list add address=0.0.0.0/0 list=MGMT
/ip firewall address-list add address=0.0.0.0/0 list=BT
/ip firewall address-list add address=0.0.0.0/0 list=MGMT
/ip firewall address-list add address=0.0.0.0/0 list=MGMT
/ip firewall address-list add address=0.0.0.0/0 list=PBX
/ip firewall address-list add address=0.0.0.0/0 list=PBX
/ip firewall address-list add address=0.0.0.0/0 list=PBX
/ip firewall address-list add address=0.0.0.0/0 list="PHONE VLAN"
/ip firewall filter add action=accept chain=forward comment="ALLOW PASSTHROUGH"
/ip firewall filter add action=accept chain=input comment="ALLOW MGMT" src-address-list=MGMT
/ip firewall filter add action=accept chain=input comment="ALLOW BANDWIDTH TESTING" src-address-list=BT
/ip firewall filter add action=accept chain=input comment="ALLOW PBX" src-address-list=PBX
/ip firewall filter add action=accept chain=input comment="ALLOW ESTABLISHED" connection-state=established
/ip firewall filter add action=accept chain=input comment="ALLOW RELATED" connection-state=related
/ip firewall filter add action=accept chain=input comment="ALLOW PING" protocol=icmp
/ip firewall filter add action=accept chain=input comment="ALLOW PHONES" src-address-list="PHONE VLAN"
/ip firewall filter add action=drop chain=input
/ip firewall nat add action=masquerade chain=srcnat comment="NAT PHONE TRAFFIC" out-interface=ether24 src-address=0.0.0.0
/ip firewall service-port set ftp disabled=yes
/ip firewall service-port set tftp disabled=yes
/ip firewall service-port set irc disabled=yes
/ip firewall service-port set h323 disabled=yes
/ip firewall service-port set sip disabled=yes
/ip firewall service-port set pptp disabled=yes
/ip firewall service-port set udplite disabled=yes
/ip firewall service-port set dccp disabled=yes
/ip firewall service-port set sctp disabled=yes
/ip service set telnet address=0.0.0.0/0,0.0.0.0/0,0.0.0.0/0
/ip service set ftp disabled=yes
/ip service set www disabled=yes
/ip service set ssh address=0.0.0.0/0,0.0.0.0/0,0.0.0.0/0
/ip service set api disabled=yes
/ip service set winbox address=0.0.0.0/0,0.0.0.0/0,0.0.0.0/0
/ip service set api-ssl disabled=yes
/ip ssh set allow-none-crypto=yes forwarding-enabled=remote
/system clock set time-zone-name=America/Detroit
/system identity set name=HOSTNAME
/system ntp client set enabled=yes primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system routerboard settings set boot-os=router-os
Wireshark capture:
Any help is appreciated!