main router: RB750GL with a Atheros 8327 chip
- ether 1: WAN connection
- ether 2: trunk to AP/switch
- ether 3: trunk to switch
- ether 4: trunk to AP/switch
- ether 5: maintenace port
Vlan configuration done via /interface/ethernet/switch/vlan (--> reason: Hardware offloading is disabled when using vlan via "bridge Vlan filtering" (reference link)). --> not done via bridge VLAN filtering as mention in the VLAN Topic
- VLAN 10: main vlan
- VLAN xx: iot / guest / ...
What I dit was to add ether 1 to the LAN Bridge and ether1 is an access port for VLAN100. I changed my DHCP client from ether 1 to VLAN100, I changed the firewall settings and de NAT settings (VLAN100 is the WAN network).
Problem: VLAN100 does not receive an IP (no external IP) and no Internet connection is possible anymore.
What am I doing wrong?
Code: Select all
/interface bridge
add admin-mac=...... auto-mac=no comment="Bridge voor Local Network" name="Bridge LAN" protocol-mode=none
add comment="Bridge voor WAN" disabled=yes name="Bridge WAN" protocol-mode=none
add name=bridge_maintenance protocol-mode=none
/interface vlan
add interface="Bridge LAN" name="VLAN Gasten" vlan-id=20
add interface="Bridge LAN" name="VLAN Main" vlan-id=10
add interface="Bridge LAN" name="VLAN Main_ext" vlan-id=15
add interface="Bridge LAN" name="VLAN VLVO" vlan-id=40
add interface="Bridge LAN" name="VLAN WAN" vlan-id=100
add interface="Bridge LAN" name="VLAN iot" vlan-id=30
/interface ethernet switch port
set 0 default-vlan-id=100 vlan-header=always-strip vlan-mode=fallback
set 1 vlan-mode=secure
set 2 vlan-mode=secure
set 4 vlan-mode=secure
/interface bridge port
add bridge="Bridge LAN" ingress-filtering=no interface=ether1
add bridge="Bridge LAN" frame-types=admit-only-vlan-tagged ingress-filtering=no interface=ether3
add bridge="Bridge LAN" frame-types=admit-only-vlan-tagged ingress-filtering=no interface=ether4
add bridge="Bridge LAN" frame-types=admit-only-vlan-tagged ingress-filtering=no interface=ether2
add bridge=bridge_maintenance ingress-filtering=no interface=ether5
/interface ethernet switch vlan
add independent-learning=yes ports=ether2,ether3,ether4,ether5,switch1-cpu switch=switch1 vlan-id=10
add independent-learning=no ports=ether2,ether3,ether4,ether5,switch1-cpu switch=switch1 vlan-id=20
add independent-learning=no ports=ether2,ether3,ether4,ether5,switch1-cpu switch=switch1 vlan-id=30
add independent-learning=no ports=ether2,ether3,ether4,ether5,switch1-cpu switch=switch1 vlan-id=40
add independent-learning=no ports=ether1,switch1-cpu,ether2,ether3,ether4 switch=switch1 vlan-id=100
thanks