Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

How do i completely separate one Port?

Post Reply
 
dk42
just joined
Topic Author
Posts: 10
Joined: Sun Aug 15, 2021 6:44 pm

How do i completely separate one Port?

Mon Nov 22, 2021 11:38 am

Hi.

Still pretty new to mikrotik and networking stuff, so a came to an point where i'm stuck, maybe anyone could help me?
In my house i want to separate/isolate the ethernet port (ether9 - red one in schema) in one room from the rest of the LAN while still giving this port access to the internet.
Network Schema is as this:
Image

how do i do this? i'm stuck :\
Until now i did the following:
on the crs i created 2 bridges,
bridge1 for all the ports exept ether9
bridge2 for the port to be isolated (ether9), with dhcp server.
Code: Select all
# nov/22/2021 10:32:40 by RouterOS 6.49
# software id = RLEG-R3D1
#
# model = CRS318-16P-2S+
# 
/caps-man channel
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceeeeeee \
    frequency=5180 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCeeeeee \
    frequency=5200 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCeeeee \
    frequency=5220 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeCeeee \
    frequency=5240 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceeeeeee \
    frequency=5260 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCeeeeee \
    frequency=5280 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCeeeee \
    frequency=5300 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeCeeee \
    frequency=5320 name=ch50@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeCeee \
    frequency=5500 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeeCee \
    frequency=5520 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeeeCe \
    frequency=5540 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeeeeC \
    frequency=5560 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeCeee \
    frequency=5580 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeeCee \
    frequency=5600 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeeeCe \
    frequency=5620 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeeeeeC \
    frequency=5640 name=ch114@160MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5180 name=ch42@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5200 name=ch42@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5220 name=ch42@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5240 name=ch42@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5260 name=ch58@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5280 name=ch58@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5300 name=ch58@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5320 name=ch58@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5500 name=ch106@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5520 name=ch106@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5540 name=ch106@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5560 name=ch106@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5580 name=ch122@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5600 name=ch122@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5620 name=ch122@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5640 name=ch122@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5660 name=ch138@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5680 name=ch138@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5700 name=ch138@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5720 name=ch138@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5745 name=ch155@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5765 name=ch155@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5785 name=ch155@80MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5805 name=ch155@80MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5180 name=ch38@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5200 name=ch38@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5220 name=ch46@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5240 name=ch46@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5260 name=ch54@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5280 name=ch54@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5300 name=ch62@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5320 name=ch62@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5500 name=ch102@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5520 name=ch102@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5540 name=ch110@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5560 name=ch110@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5580 name=ch118@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5600 name=ch118@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5620 name=ch126@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5640 name=ch126@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5660 name=ch134@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5680 name=ch134@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5700 name=ch142@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5720 name=ch142@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5745 name=ch151@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5765 name=ch151@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=Ce \
    frequency=5785 name=ch159@40MHz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eC \
    frequency=5805 name=ch159@40MHz
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5180 name=ch36
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5200 name=ch40
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5220 name=ch44
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5240 name=ch48
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5260 name=ch52
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5280 name=ch56
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5300 name=ch60
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5320 name=ch64
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5500 name=ch100
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5520 name=ch104
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5540 name=ch108
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5560 name=ch112
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5580 name=ch116
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5600 name=ch120
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5620 name=ch124
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5640 name=ch128
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5660 name=ch132
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5680 name=ch136
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5700 name=ch140
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5720 name=ch144
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5745 name=ch149
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5765 name=ch153
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5785 name=ch157
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5805 name=ch161
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5825 name=ch165
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5180 name=ch42@80MHz/ch38@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5200 name=ch42@80MHz/ch38@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5220 name=ch42@80MHz/ch46@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5240 name=ch42@80MHz/ch46@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5260 name=ch58@80MHz/ch54@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5280 name=ch58@80MHz/ch54@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5300 name=ch58@80MHz/ch62@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5320 name=ch58@80MHz/ch62@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5500 name=ch106@80MHz/ch102@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5520 name=ch106@80MHz/ch102@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5540 name=ch106@80MHz/ch110@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5560 name=ch106@80MHz/ch110@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5580 name=ch122@80MHz/ch118@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5600 name=ch122@80MHz/ch118@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5620 name=ch122@80MHz/ch126@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5640 name=ch122@80MHz/ch126@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5660 name=ch138@80MHz/ch134@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5680 name=ch138@80MHz/ch134@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5700 name=ch138@80MHz/ch142@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5720 name=ch138@80MHz/ch142@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5745 name=ch155@80MHz/ch151@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee \
    frequency=5765 name=ch155@80MHz/ch151@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeCe \
    frequency=5785 name=ch155@80MHz/ch159@40MHz
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eeeC \
    frequency=5805 name=ch155@80MHz/ch159@40MHz
/interface bridge
add name=bridge1
add comment="Netzwerk Luise" name=bridge_EH_DG
/interface ethernet
set [ find default-name=ether1 ] name="p1 GH DG links"
set [ find default-name=ether2 ] name="p2 GH DG mitte"
set [ find default-name=ether3 ] name="p3 GH DG rechts"
set [ find default-name=ether4 ] name="p4 GH OG links"
set [ find default-name=ether5 ] name="p5 GH OG rechts Gartenseite"
set [ find default-name=ether6 ] name="p6 GH OG rechts Hofseite"
set [ find default-name=ether7 ] name="p7 GH EG K\FCche"
set [ find default-name=ether8 ] name=p8
set [ find default-name=ether9 ] name="p9 EH DG"
set [ find default-name=ether10 ] name="p10 EH OG"
set [ find default-name=ether11 ] name="p11 EH OG"
set [ find default-name=ether12 ] name="p12 EH K\FCche rechts"
set [ find default-name=ether13 ] name="p13 EH K\FCche links"
set [ find default-name=ether14 ] auto-negotiation=no name=p14 \
    rx-flow-control=auto tx-flow-control=auto
set [ find default-name=ether15 ] name="p15 Garage backup"
set [ find default-name=ether16 ] name=p16
/caps-man security
add authentication-types=wpa2-psk disable-pmkid=yes encryption=aes-ccm name=\
    **
add authentication-types=wpa2-psk encryption=aes-ccm name=**
add authentication-types=wpa2-psk encryption=aes-ccm name=**
/caps-man configuration
add datapath.bridge=bridge1 datapath.local-forwarding=yes name=** \
    rates.basic="" rates.supported="" security=** ssid=**
add datapath.bridge=bridge1 datapath.local-forwarding=yes name=** security=\
    ** ssid=**
add channel.band=2ghz-g/n channel.control-channel-width=20mhz \
    channel.extension-channel=disabled channel.frequency=2412,2437,2462 \
    channel.reselect-interval=1h channel.tx-power=10 country=etsi \
    datapath.bridge=bridge1 datapath.client-to-client-forwarding=no \
    datapath.local-forwarding=no installation=indoor name="** 2.4Ghz Channel" \
    rates.basic=12Mbps rates.ht-basic-mcs="" rates.ht-supported-mcs="" \
    rates.supported=12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps \
    rates.vht-basic-mcs="" rates.vht-supported-mcs="" security=** \
    security.disable-pmkid=yes ssid=**
add channel.band=5ghz-n/ac channel.skip-dfs-channels=no channel.tx-power=20 \
    country=etsi datapath.bridge=bridge1 datapath.local-forwarding=no \
    installation=indoor name="**5Ghz Channel" rates.basic=12Mbps \
    rates.ht-basic-mcs="" rates.ht-supported-mcs="" rates.supported=\
    12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps security=** \
    security.disable-pmkid=yes ssid=**
/interface list
add name=WAN
add name=LAN
/interface wireless channels
add band=2ghz-b/g/n frequency=2412 list=2GHz/20MHz name=ch1 width=20
add band=2ghz-b/g/n frequency=2437 list=2GHz/20MHz name=ch6 width=20
add band=2ghz-b/g/n frequency=2462 list=2GHz/20MHz name=ch11 width=20
add band=5ghz-onlyac extension-channel=Ceee frequency=5180 list=5GHz/80MHz \
    name=ch36/38/42 width=20
add band=5ghz-onlyac extension-channel=eCee frequency=5200 list=5GHz/80MHz \
    name=ch40/38/42 width=20
add band=5ghz-onlyac extension-channel=eeCe frequency=5220 list=5GHz/80MHz \
    name=ch44/46/42 width=20
add band=5ghz-onlyac extension-channel=eeeC frequency=5240 list=5GHz/80MHz \
    name=ch48/46/42 width=20
add band=5ghz-onlyac extension-channel=Ceee frequency=5260 list=5GHz/80MHz \
    name=ch52/54/58 width=20
add band=5ghz-onlyac extension-channel=eCee frequency=5280 list=5GHz/80MHz \
    name=ch56/54/58 width=20
add band=5ghz-onlyac extension-channel=eeCe frequency=5300 list=5GHz/80MHz \
    name=ch60/62/58 width=20
add band=5ghz-onlyac extension-channel=eeeC frequency=5320 list=5GHz/80MHz \
    name=ch64/62/58 width=20
add band=5ghz-onlyac extension-channel=Ceee frequency=5500 list=5GHz/80MHz \
    name=ch100/102/106 width=20
add band=5ghz-onlyac extension-channel=eCee frequency=5520 list=5GHz/80MHz \
    name=ch104/102/106 width=20
add band=5ghz-onlyac extension-channel=eeCe frequency=5540 list=5GHz/80MHz \
    name=ch108/110/106 width=20
add band=5ghz-onlyac extension-channel=eeeC frequency=5560 list=5GHz/80MHz \
    name=ch112/110/106 width=20
add band=5ghz-onlyac extension-channel=Ceee frequency=5580 list=5GHz/80MHz \
    name=ch116/118/122 width=20
add band=5ghz-onlyac extension-channel=eCee frequency=5600 list=5GHz/80MHz \
    name=ch120/118/122 width=20
add band=5ghz-onlyac extension-channel=eeCe frequency=5620 list=5GHz/80MHz \
    name=ch124/126/122 width=20
add band=5ghz-onlyac extension-channel=eeeC frequency=5640 list=5GHz/80MHz \
    name=ch128/126/122 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5180 list=5GHz/40MHz name=\
    ch36/38 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5200 list=5GHz/40MHz name=\
    ch40/38 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5220 list=5GHz/40MHz name=\
    ch44/46 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5240 list=5GHz/40MHz name=\
    ch48/46 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5260 list=5GHz/40MHz name=\
    ch52/54 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5280 list=5GHz/40MHz name=\
    ch56/54 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5300 list=5GHz/40MHz name=\
    ch60/62 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5320 list=5GHz/40MHz name=\
    ch64/62 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5500 list=5GHz/40MHz name=\
    ch100/102 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5520 list=5GHz/40MHz name=\
    ch104/102 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5540 list=5GHz/40MHz name=\
    ch108/110 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5560 list=5GHz/40MHz name=\
    ch112/110 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5580 list=5GHz/40MHz name=\
    ch116/118 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5600 list=5GHz/40MHz name=\
    ch120/118 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5620 list=5GHz/40MHz name=\
    ch124/126 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5640 list=5GHz/40MHz name=\
    ch128/126 width=20
add band=5ghz-n/ac extension-channel=Ce frequency=5660 list=5GHz/40MHz name=\
    ch132/134 width=20
add band=5ghz-n/ac extension-channel=eC frequency=5680 list=5GHz/40MHz name=\
    ch136/134 width=20
add band=5ghz-a/n/ac frequency=5180 list=5GHz/20MHz name=ch36 width=20
add band=5ghz-a/n/ac frequency=5200 list=5GHz/20MHz name=ch40 width=20
add band=5ghz-a/n/ac frequency=5220 list=5GHz/20MHz name=ch44 width=20
add band=5ghz-a/n/ac frequency=5240 list=5GHz/20MHz name=ch48 width=20
add band=5ghz-a/n/ac frequency=5260 list=5GHz/20MHz name=ch52 width=20
add band=5ghz-a/n/ac frequency=5280 list=5GHz/20MHz name=ch56 width=20
add band=5ghz-a/n/ac frequency=5300 list=5GHz/20MHz name=ch60 width=20
add band=5ghz-a/n/ac frequency=5320 list=5GHz/20MHz name=ch64 width=20
add band=5ghz-a/n/ac frequency=5500 list=5GHz/20MHz name=ch100 width=20
add band=5ghz-a/n/ac frequency=5520 list=5GHz/20MHz name=ch104 width=20
add band=5ghz-a/n/ac frequency=5540 list=5GHz/20MHz name=ch108 width=20
add band=5ghz-a/n/ac frequency=5560 list=5GHz/20MHz name=ch112 width=20
add band=5ghz-a/n/ac frequency=5580 list=5GHz/20MHz name=ch116 width=20
add band=5ghz-a/n/ac frequency=5600 list=5GHz/20MHz name=ch120 width=20
add band=5ghz-a/n/ac frequency=5620 list=5GHz/20MHz name=ch124 width=20
add band=5ghz-a/n/ac frequency=5640 list=5GHz/20MHz name=ch128 width=20
add band=5ghz-a/n/ac frequency=5660 list=5GHz/20MHz name=ch132 width=20
add band=5ghz-a/n/ac frequency=5680 list=5GHz/20MHz name=ch136 width=20
add band=5ghz-a/n/ac frequency=5700 list=5GHz/20MHz name=ch140 width=20
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.21.30-192.168.21.254
add name=dhcp_pool2 ranges=10.80.100.2-10.80.100.99
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=bridge_EH_DG name=dhcp2
/caps-man access-list
add action=accept allow-signal-out-of-range=10s disabled=yes interface=all \
    signal-range=-84..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=yes interface=all \
    signal-range=-120..-85 ssid-regexp=""
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=bridge1
/caps-man provisioning
add action=create-dynamic-enabled comment=2.4 hw-supported-modes=g,gn \
    master-configuration="** 2.4Ghz Channel" name-format=prefix-identity \
    name-prefix=2.4GHz slave-configurations=**
add action=create-dynamic-enabled comment=5 hw-supported-modes=ac \
    master-configuration="** 5Ghz Channel" name-format=prefix-identity \
    name-prefix=5GHz slave-configurations=**
/interface bridge port
add bridge=bridge1 interface=sfp-sfpplus1
add bridge=bridge1 interface="p1 GH DG links"
add bridge=bridge1 interface="p2 GH DG mitte"
add bridge=bridge1 interface="p3 GH DG rechts"
add bridge=bridge1 interface="p4 GH OG links"
add bridge=bridge1 interface="p5 GH OG rechts Gartenseite"
add bridge=bridge1 interface="p6 GH OG rechts Hofseite"
add bridge=bridge1 interface="p7 GH EG K\FCche"
add bridge=bridge1 interface=p8
add bridge=bridge1 interface="p10 EH OG"
add bridge=bridge1 interface="p11 EH OG"
add bridge=bridge1 interface="p12 EH K\FCche rechts"
add bridge=bridge1 interface="p13 EH K\FCche links"
add bridge=bridge1 interface=p14
add bridge=bridge1 interface="p15 Garage backup"
add bridge=bridge1 interface=p16
add bridge=bridge1 interface=sfp-sfpplus2
add bridge=bridge_EH_DG interface="p9 EH DG"
/ip neighbor discovery-settings
set discover-interface-list=all
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface="p2 GH DG mitte" list=LAN
add interface="p3 GH DG rechts" list=LAN
add interface="p4 GH OG links" list=LAN
add interface="p5 GH OG rechts Gartenseite" list=LAN
add interface="p6 GH OG rechts Hofseite" list=LAN
add interface="p7 GH EG K\FCche" list=LAN
add interface=p8 list=LAN
add interface="p9 EH DG" list=LAN
add interface="p10 EH OG" list=LAN
add interface="p11 EH OG" list=LAN
add interface="p12 EH K\FCche rechts" list=LAN
add interface="p13 EH K\FCche links" list=LAN
add interface=p14 list=LAN
add interface="p15 Garage backup" list=LAN
add interface=p16 list=LAN
add interface=sfp-sfpplus2 list=LAN
add interface="p1 GH DG links" list=LAN
add interface=sfp-sfpplus1 list=WAN
/ip address
add address=10.80.100.1/24 interface=bridge_EH_DG network=10.80.100.0
/ip dhcp-client
add disabled=no interface=bridge1
/ip dhcp-server network
add address=10.80.100.0/24 dns-server=8.8.8.8 gateway=10.80.100.1
/ip dns
set servers=192.168.42.21
/ip firewall nat
add action=masquerade chain=srcnat ipsec-policy=out,none out-interface=\
    bridge1
# no interface
add action=masquerade chain=srcnat out-interface=*38
/ip route
add distance=1 gateway=*38
/ip upnp interfaces
add interface=bridge1 type=internal
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=MikroTikSwitch
/system routerboard settings
set boot-os=router-os
/tool graphing interface
add
thank you a lot for your help
Top
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: How do i completely separate one Port?

Mon Nov 22, 2021 1:13 pm

You will need a separate IP-net for the red channel and instruct the firewall on the tp-link to deny forwarded traffic between the two.
What firmware is your TP-Link using?
You could do all this with enabling Zones and/or VLANs, but I think you'll need to move to openWRT or dd-wrt for that kind of thing.
...what is using the CRS318 in that scenario good for...why not plug the red outlet directly into a port on your TP-Link Router and mange the Zones in there?
Top
 
dk42
just joined
Topic Author
Posts: 10
Joined: Sun Aug 15, 2021 6:44 pm

Re: How do i completely separate one Port?

Thu Nov 25, 2021 11:01 pm

You will need a separate IP-net for the red channel and instruct the firewall on the tp-link to deny forwarded traffic between the two.
What firmware is your TP-Link using?
You could do all this with enabling Zones and/or VLANs, but I think you'll need to move to openWRT or dd-wrt for that kind of thing.
...what is using the CRS318 in that scenario good for...why not plug the red outlet directly into a port on your TP-Link Router and mange the Zones in there?
Thanks for your answer Hominidæ, of course the TP-Link couldn't do this, but since i wanted to replace that devices anyways i got rid of it and replaced it with an HeXs. I bypassed the switch, plugged the red line to the router and set up a second net. This worked ootb (of course with extensive help from older forum threads ;) ).

Next step will be setting up VLAN to setup a proper guest net.

Thanks for the nudge! :)
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], jaclaz, jstaw, MarkusT and 55 guests
  4. RouterOS
  5. Beginner Basics