I'm struggling with configuring Bridge VLAN for my multiple SSID Unifi AP.
I was able to configure VLANs for Guest (VLAN 32 ) and iOT (VLAN 33) SSID and it seems to work well. However I'm not able to configure VLAN for Staff SSID (VLAN 31).
The idea is to have AP which is connected to Port 5 in VLAN 31 Network. I configure port5 as a access port via Bridge port:
and than tagged that port in Bridge VLAN:add bridge=bridge-local interface=ether5 multicast-router=disabled pvid=31
It was working for like a minute before the AP got disconected for some reason.add bridge=bridge-local tagged=bridge-local, ether5 untagged=ether2,ether3,ether4 vlan-ids=31
If the Bridge VLAN configuration is like this:
the Guest and ioT SSID is working properly but not the Staff SSID.add bridge=bridge-local tagged=bridge-local untagged=ether2,ether3,ether4,ether5 vlan-ids=31
I'm not sure what I'm doing wrong. Can someone help, please?
Topology:
Mikrotik Config:
# model = RB760iGS
# serial number = <CENSORED>
/interface bridge
add name=bridge-local vlan-filtering=yes
/interface vlan
add interface=bridge-local name=vlan31-staff vlan-id=31
add interface=bridge-local name=vlan32-guest vlan-id=32
add interface=bridge-local name=vlan33-iot vlan-id=33
/ip pool
add name=dhcp-pool-staff ranges=10.8.31.20-10.8.31.249
add name=dhcp-pool-guest ranges=10.8.32.20-10.8.32.249
add name=dhcp-pool-iot ranges=10.8.33.20-10.8.33.249
/ip dhcp-server
add address-pool=dhcp-pool-staff disabled=no interface=vlan31-staff name=dhcp-staff
add address-pool=dhcp-pool-guest disabled=no interface=vlan32-guest name=dhcp-guest
add address-pool=dhcp-pool-iot disabled=no interface=vlan33-iot name=dhcp-iot
/interface bridge port
add bridge=bridge-local interface=ether2 multicast-router=disabled pvid=31
add bridge=bridge-local interface=ether3 multicast-router=disabled pvid=31
add bridge=bridge-local interface=ether4 multicast-router=disabled pvid=31
add bridge=bridge-local interface=ether5 multicast-router=disabled pvid=31
/interface bridge vlan
add bridge=bridge-local tagged=bridge-local, ether5 untagged=ether2,ether3,ether4 vlan-ids=31
add bridge=bridge-local tagged=ether5,bridge-local vlan-ids=32
add bridge=bridge-local tagged=ether5,bridge-local vlan-ids=33
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=bridge-local list=LAN
/ip address
add address=10.8.31.1/24 interface=vlan31-staff network=10.8.31.0
add address=10.8.32.1/24 interface=vlan32-guest network=10.8.32.0
add address=10.8.33.1/24 interface=vlan33-iot network=10.8.33.0
/ip dhcp-client
add interface=bridge-local
add interface=ether1
/ip dhcp-server network
add address=10.8.31.0/24 dns-server=10.7.31.32,8.8.8.8 gateway=10.8.31.1
add address=10.8.32.0/24 dns-server=10.7.31.32,8.8.8.8 gateway=10.8.32.1
add address=10.8.33.0/24 dns-server=10.7.31.32,8.8.8.8 gateway=10.8.33.1
/ip dns
set servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat src-address=10.8.31.0/24
add action=masquerade chain=srcnat src-address=10.8.32.0/24
add action=masquerade chain=srcnat src-address=10.8.33.0/24