Community discussions

MikroTik App
  4. RouterOS
  5. General

Route WAN network to VLAN

Post Reply
 
supadupa
just joined
Topic Author
Posts: 3
Joined: Mon Dec 09, 2019 5:53 pm

Route WAN network to VLAN

Sat Oct 23, 2021 8:57 pm

Please excuse my noob question:

I want to expose a specific device on my Mikrotik router network to the outside network.

My Mikrotik Router sits behind an ISP provided router (Fritz!Box). Due to my physical network topology I would like to make one specific VLAN an extension of the network of my ISP router (192.168.178.0/24) including DHCP etc.

Image

How would you approach this?

Thanks!
Top
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11627
Joined: Thu Mar 03, 2016 10:23 pm

Re: Route WAN network to VLAN

Sat Oct 23, 2021 9:35 pm

Ether1 should become access port of common bridge (with PVID=100 set). Port towards switch should be hybrid (untagged for LAN and tagged for VID 100). You need vlan interface with VLAN ID 100 anchored to bridge. Then you have to move WAN setup (DHCP client or static IP address or whatever) from ether1 to VLAN interface, also add VLAN interface to WAN interface list. Enable vlan-filtering on bridge.
Then configure switch appropriately.
Top
 
supadupa
just joined
Topic Author
Posts: 3
Joined: Mon Dec 09, 2019 5:53 pm

Re: Route WAN network to VLAN

Sun Oct 24, 2021 12:15 am

Thanks - will give it a go!
Ether1 should become access port of common bridge (with PVID=100 set). Port towards switch should be hybrid (untagged for LAN and tagged for VID 100). You need vlan interface with VLAN ID 100 anchored to bridge. Then you have to move WAN setup (DHCP client or static IP address or whatever) from ether1 to VLAN interface, also add VLAN interface to WAN interface list. Enable vlan-filtering on bridge.
Then configure switch appropriately.
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19371
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Route WAN network to VLAN

Sun Oct 24, 2021 4:45 am

The ISP is giving you multiple WANIPs??
Oh I get it, the fritz box only has so many ports and thus the physical limitation.
It really doesnt matter how many DHCP addresses it gives out probably 2-256 available etc..........

In that case disagree with MKX.
Yes VLAN100 should be untagged on ether1 for vlan100 but the ether X to the switch should be a trunk port carrying vlan11 your LAN network and vlan100 the fritz lan.
That way the bridge is just bridging and not directly involved with subnets. Smart switches setup is simplifed.
Vlan100 goes untagged to device2 and vlan11 goes untagged to all lan connected devices.
and vlan 11 gets the IP address, the dhcp-server and dhcp-server network etc.......

You guessed, I dont like bridges involved in more than just bridging. Just a pet phobia of mine like I despise capsman, and mangling.
viewtopic.php?t=143620
Top
Post Reply

Who is online

Users browsing this forum: aferreira and 176 guests
  4. RouterOS
  5. General