Community discussions

MikroTik App
 
mrmcrae
just joined
Topic Author
Posts: 14
Joined: Wed Jul 06, 2022 7:22 pm

Wireless Bridge Design Assistance

Wed Jul 06, 2022 9:05 pm

Firstly I have zero experience with Mikrotik products and been asked to try and assist a customer who have bought these themselves and tried to install however, they themselves are unsure on how to configure them properly.

The topology I I believe looks like the attached. Is there any configuration templates that would make this work? Any other considerations to be made aware of?
Mikrotik topology.PNG
You do not have the required permissions to view the files attached to this post.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11968
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Wireless Bridge Design Assistance

Wed Jul 06, 2022 9:13 pm

Nothing to configure (except passwords, etc.) , are already configured out-of-the box.
Treats the two pairs of Wireless Wire Dish RBLHGG-60ad simply like an ethernet cable.
 
mrmcrae
just joined
Topic Author
Posts: 14
Joined: Wed Jul 06, 2022 7:22 pm

Re: Wireless Bridge Design Assistance

Sun Jul 10, 2022 10:45 pm

Thanks. So out the box no Master/ Slave type selection pairing needs to be done between points? how does that work? do they join a default SSID, using default username and password? all configurable later? Do they accept all vlans passed to them without defining them on these devices? Sounds too good to be true...
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: Wireless Bridge Design Assistance

Mon Jul 11, 2022 12:38 am

Yes it is so good .

The devices come paired. At least in the CUBE "wireless wire" package: https://mikrotik.com/product/wireless_wire_cube
(SSID and passwords are set on both for 60 and 5 GHz) [and printed on the outside, so that are the first things I change]
(The 60G and 5G fallback link are bonded for fast failover in the default setup.)

What is the KHG60G MT device ?

I use these CUBEs with RB260GSP (SwOS) or Powerbox Pro (ROS) as interconnect for the proper PoE injection in the CUBEs and other MT devices. MT PoE might be incompatible with Cisco PoE.
Playing "dump" switch in all devices no VLAN settings are needed, everything will be forwarded. For multipoint connections, management VLAN, and smart traffic reduction, then VLAN settings in the interconnect (and eventually in the CUBEs if needed) will help.
 
mrmcrae
just joined
Topic Author
Posts: 14
Joined: Wed Jul 06, 2022 7:22 pm

Re: Wireless Bridge Design Assistance

Wed Jul 13, 2022 6:32 pm

My mistake these are apparently LHG60G (https://mikrotik.com/product/lhg_60g).
 
2frogs
Forum Veteran
Forum Veteran
Posts: 713
Joined: Fri Dec 03, 2010 1:38 am

Re: Wireless Bridge Design Assistance

Wed Jul 13, 2022 9:56 pm

https://mikrotik.com/product/wireless_wire_dish

These come pre-paired from the factor with a unique SSID and password. There is an included label with each device that notes it's role of Master or Slave and the password. The individual devices are the same LHG-60G that you can purchase individually and are not pre-configured.
 
mrmcrae
just joined
Topic Author
Posts: 14
Joined: Wed Jul 06, 2022 7:22 pm

Re: Wireless Bridge Design Assistance

Mon Aug 08, 2022 5:44 pm

I have received current config files and a little more info. Not much on there.

I have tried a notepad++ compare mikrotik config and found that P2P-02 does not have an ip route configured, should this be configured?

Should the management VLAN be untagged on both the SW and Mikrotik config? I believe SW-B and SW-C both have a Meraki AP hanging off them.

Customer: The main issue I was having was with devices authenticating via ISE, DHCP does not seem to be returning requests, so whilst ISE authenticated the device connection failed. If a device has a static IP and authenticates with Mac Address Bypass, the devices work.

P2P-03 and P2P-04 have not been installed/configured yet.

Bridge SI.PNG
P2P-01 Config:
[admin@P2P-01] > export
# jun/13/2022 13:54:10 by RouterOS 7.2.3
# software id = 5YBC-HC9N
#
# model = RBLHGG-60ad
# serial number = CXXXXXXXXX9B
/interface bridge
add admin-mac=C4:AD:XX:XX:XX:05 auto-mac=no comment=defconf ingress-filtering=no name=bridge pvid=105 vlan-filtering=yes
/interface w60g
set [ find ] disabled=no mode=bridge name=wlan60-1 ssid=AtoB
/interface w60g station
add mac-address=C4:AD:XX:XX:XX:06 name=wlan60-station-1 parent=wlan60-1 remote-address=C4:AD:XX:XX:XX:5E
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge comment=defconf ingress-filtering=no interface=ether1 pvid=105
add bridge=bridge ingress-filtering=no interface=wlan60-1 pvid=105
add bridge=bridge ingress-filtering=no interface=wlan60-station-1 pvid=105
/interface bridge vlan
																			   
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=1
add bridge=bridge untagged=bridge,ether1,wlan60-1,wlan60-station-1 vlan-ids=105
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=114
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=120
																	  
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=204
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=230
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=65
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=180
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=240
/interface list member
add interface=wlan60-1 list=WAN
add interface=bridge list=LAN
/ip address
add address=10.20.105.200/24 comment=defconf interface=ether1 network=10.20.105.0
/ip dns
set servers=10.20.5.13,172.20.5.11
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.20.105.1 pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/system identity
set name=P2P-01
/system ntp client
set enabled=yes
/system ntp client servers
add address=10.20.5.13
add address=10.20.5.11

P2P-02 Config:
[admin@P2P-02] > export
# jun/22/2022 14:33:45 by RouterOS 7.2.3
# software id = NFB1-VT4G
#
# model = RBLHGG-60ad
# serial number = CxxxxxxxxDAD
/interface bridge
add admin-mac=C4:AD:XX:XX:XX:5D auto-mac=no comment=defconf name=bridge pvid=105 vlan-filtering=yes
/interface w60g
set [ find ] disabled=no mode=station-bridge name=wlan60-1 ssid=AtoB
/interface w60g station
add mac-address=C4:AD:XX:XX:XX:5E name=wlan60-station-1 parent=wlan60-1 remote-address=C4:AD:XX:XX:XX:06
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge comment=defconf ingress-filtering=no interface=ether1 pvid=105
add bridge=bridge comment=defconf ingress-filtering=no interface=wlan60-1 pvid=105
add bridge=bridge ingress-filtering=no interface=wlan60-station-1 pvid=105
/interface bridge vlan
add bridge=bridge untagged=ether1,wlan60-1,wlan60-station-1,bridge vlan-ids=105
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=1
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=65
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=114
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=120
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=180
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=204
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=230
																	 
																	  
add bridge=bridge tagged=ether1,wlan60-1,wlan60-station-1 vlan-ids=240
/interface list member
add interface=wlan60-1 list=WAN
add interface=ether1 list=LAN
/ip address
add address=10.20.105.201/24 comment=defconf interface=ether1 network=10.20.105.0
/ip dns
set servers=10.20.5.13,172.20.5.11
		 
																																						
/system identity
set name=P2P-02
/system ntp client
set enabled=yes
/system ntp client servers
add address=10.20.5.13
add address=10.20.5.11
/tool sniffer
set filter-interface=all filter-ip-address=!10.20.5.54/32 filter-mac-address=!C0:25:XX:XX:XX:7B/FF:FF:FF:FF:FF:FF filter-port=!bootps,!bootpc
Switch Configs:
SW-A
interface GigabitEthernet1/0/24
 description WiFi P2P (AtoB)
 switchport trunk allowed vlan 1-20,22-114,116-4094
 switchport trunk native vlan 105
 switchport mode trunk
 no logging event link-status
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 no snmp trap link-status
 mls qos cos 2
 mls qos trust cos
 spanning-tree portfast edge
 spanning-tree bpduguard disable
!
-----------------------------------------

SW-B
interface GigabitEthernet0/1
 description Wireless P2P(Building B to Building A)
 switchport trunk allowed vlan 1-20,22-114,116-4094
 switchport trunk native vlan 105
 switchport mode trunk
 no logging event link-status
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 no snmp trap link-status
 mls qos cos 2
 mls qos trust cos
 spanning-tree portfast edge
 spanning-tree bpduguard disable
 ip dhcp snooping trust
!
-----------------------------------------

 SW-C
 interface GigabitEthernet1/0/1
 description description Wireless P2P (Building C to B)
 switchport trunk allowed vlan 1-20,22-114,116-4094
 switchport trunk native vlan 105
 switchport mode trunk
 switchport nonegotiate
 priority-queue out
 no snmp trap link-status
 mls qos cos 2
 mls qos trust cos
 spanning-tree portfast edge
 spanning-tree bpduguard disable
 ip dhcp snooping trust
!
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: dioeyandika, mtest001 and 44 guests