Community discussions

MikroTik App
 
acaronmd
just joined
Topic Author
Posts: 2
Joined: Fri Sep 23, 2022 10:17 pm

can't access webfig from mgmt vlan

Sat Sep 24, 2022 1:52 am

Hello everyone!

Excited to start learning some new MT devices! Current background is with procurve/aruba/pfsense.

Using the detailed info from viewtopic.php?t=143620, I've setup a new CRS328 as a switch with a separate router (RoaS) (switch_hybrid.rsc). My problem is that I've created a management vlan, but cannot access the switch from the management IP via WebFig. Strange enough, I can ping and SSH into the switch. My laptop is connected to the trunk port with a tagged interface on vlan105, using an IP of 10.27.5.123/24. What have I done wrong?

Client config:
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=6063<RXCSUM,TXCSUM,TSO4,TSO6,PARTIAL_CSUM,ZEROINVERT_CSUM>
	ether 00:e0:4c:cb:67:74 
	inet6 fe80::182f:68a9:b294:228c%vlan0 prefixlen 64 secured scopeid 0x10 
	inet 10.27.5.123 netmask 0xffffff00 broadcast 10.27.5.255
	nd6 options=201<PERFORMNUD,DAD>
	vlan: 105 parent interface: en9
	media: autoselect (1000baseT <full-duplex>)
	status: active

Here's my switch export:
# jan/02/1970 01:28:15 by RouterOS 7.5
# software id = CK17-UUJT
#
# model = CRS328-24P-4S+
# serial number = 
/interface bridge
add name=BR1 protocol-mode=none vlan-filtering=yes
/interface vlan
add interface=BR1 name=SH_MGMT vlan-id=105
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/interface bridge port
add bridge=BR1 frame-types=admit-only-vlan-tagged interface=ether24
add bridge=BR1 interface=ether1 pvid=101
add bridge=BR1 interface=ether2 pvid=101
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=BR1 tagged=ether1,ether2,ether24 vlan-ids=101-102
add bridge=BR1 tagged=BR1,ether24 vlan-ids=105
/ip address
add address=10.27.5.2/24 interface=SH_MGMT network=10.27.5.0
/ip route
add distance=1 gateway=10.27.5.1
/system identity
set name=sh-off-asw-1
/system routerboard settings
set boot-os=router-os
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: can't access webfig from mgmt vlan

Sat Sep 24, 2022 3:14 am

Only difference between SSH and WebFig is port number. If you can reach one, the other must work too, unless you stripped something important from posted export (like firewall config or disabled www service).
 
acaronmd
just joined
Topic Author
Posts: 2
Joined: Fri Sep 23, 2022 10:17 pm

Re: can't access webfig from mgmt vlan

Mon Sep 26, 2022 7:26 pm

There was an issue I've yet to find with my client. Might be that my USB network adapter doesn't quite work well with VLANs. Still seems strange that it worked for SSH and not HTTP.

I setup a lab environment with a pfSense router connected to the switch's trunk port, and can access Webfig fine.

Who is online

Users browsing this forum: 0xAA55, AtomikRoach, Maxfadeev699, mszru and 37 guests