Hello there,
I'm new to RouterOS, but I'm a Junos OS / Cisco IOS engineer, so feel free to talk tech to me.
I'm attempting to design a simple way to provide an IP gateway to clients that connect to Ubiquiti APs off of several RB4011's while also separating ('separate' as in at a layer 2 perspective, I'll worry about layer 3 isolation later) them from the management subnet of those same APs. The setup I have is attached in this post.
Effectively, I have a router that has three physical connections to 3 access points. Those APs have several clients naturally sending untagged frames. I want those clients to have a default gateway that lives on the router, and I want just 1 subnet for all clients across 3 APs. Also, each AP has a management IP that I want in a separate subnet, separate from the client gateway. I figure I ought to tag the frames, so I can do that at the AP level (the router would receive a tag of, say, VLAN100 ingress on each port).
I would like to know how to configure a MikroTik RB4011 for this scenario so that:
- All three physical interfaces are bridged so they act as layer 2 ports.
- A layer 3 IP gateway for client connections exists (untagged on ingress and egress from the router perspective).
- A layer 3 IP gateway for the AP management exists (tagged for VLAN100 on ingress and egress from the router perspective).
From searching and trying things out, I sense that I need... 1 bridge that binds the physical interfaces together, 2 vlan interfaces that act as the IP gateways, and a merging of those VLANs into the bridge. Is there an ideal way to configure this, or better yet, is there a smarter design from a RouterOS perspective to do this? This design is simple to me in a Junos OS and IOS world, but this is the MikroTik world, so I'm open to new designs.
Thanks in advance, folks!