Trying to setup a hAP mini as AP for the main router as in viewtopic.php?t=193916
hAP mini is connected via it's ether1 to the main routers ether3.
Routers can ping each other, I'm managing the mini through the main router.
Something is wrong with the WLANs of the mini. Any SSID associates but I get no IP assigned. Can't figure why. Config should be as viewtopic.php?t=143620
AP WLAN VLAN something wrong
You do not have the required permissions to view the files attached to this post.
Re: AP WLAN VLAN something wrong
If you want to use it purely for AP/L2, then config should be like this:
viewtopic.php?t=193818#p986333
viewtopic.php?t=193818#p986333
Re: AP WLAN VLAN something wrong
@darknate, stick to the harder stuff its where you excel, will never come close to 1/32 that you know but leave the easy pickings to the those that are used to mucking in the mud 
At OP, Taking a look at your config it looks excellent!
(1) However needs slight adjustment on /interface bridge vlans for close to perfection.
You have
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
Needs to be
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
add bridge=BR1 tagged=ether1 untagged=wlan1 vlan-id=10
add bridge=BR1 tagged=ether1 untagged=wlan2 vlan-id=20
add bridge=BR1 tagged=ether1 untagged=wlan3 vlan-id=30
Note, you can leave out the untagged in this case, but I prefer to put in the config so
that they are visible in an export of the config and one can cross match easily with bridge ports to see what you have done (even more so if ever using hybrid ports)
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
add bridge=BR1 tagged=ether1 vlan-id=10
add bridge=BR1 tagged=ether1 vlan-id=20
add bridge=BR1 tagged=ether1 vlan-id=30
(2) Minor change............ mac-server is not a secure access method and thus should not be utilized.
From
/tool mac-server
set allowed-interface-list=BASE
/tool mac-server mac-winbox
set allowed-interface-list=BASE
TO
/tool mac-server
set allowed-interface-list=NONE
/tool mac-server mac-winbox
set allowed-interface-list=BASE
(3) Add this line.
/ip dns
set allow-remote-requests=yes servers=192.168.88.1 comment="dns through trusted subnet gateway"
At OP, Taking a look at your config it looks excellent!
(1) However needs slight adjustment on /interface bridge vlans for close to perfection.
You have
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
Needs to be
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
add bridge=BR1 tagged=ether1 untagged=wlan1 vlan-id=10
add bridge=BR1 tagged=ether1 untagged=wlan2 vlan-id=20
add bridge=BR1 tagged=ether1 untagged=wlan3 vlan-id=30
Note, you can leave out the untagged in this case, but I prefer to put in the config so
that they are visible in an export of the config and one can cross match easily with bridge ports to see what you have done (even more so if ever using hybrid ports)
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
add bridge=BR1 tagged=ether1 vlan-id=10
add bridge=BR1 tagged=ether1 vlan-id=20
add bridge=BR1 tagged=ether1 vlan-id=30
(2) Minor change............ mac-server is not a secure access method and thus should not be utilized.
From
/tool mac-server
set allowed-interface-list=BASE
/tool mac-server mac-winbox
set allowed-interface-list=BASE
TO
/tool mac-server
set allowed-interface-list=NONE
/tool mac-server mac-winbox
set allowed-interface-list=BASE
(3) Add this line.
/ip dns
set allow-remote-requests=yes servers=192.168.88.1 comment="dns through trusted subnet gateway"
Re: AP WLAN VLAN something wrong
thank you, that was the missing point
but
fails on the comment, might be because ROS was just 6.9
but
Code: Select all
set allow-remote-requests=yes servers=192.168.88.1 comment="dns through trusted subnet gateway"Re: AP WLAN VLAN something wrong
Dont know what you mean a comment is a comment bounded by "
Re: AP WLAN VLAN something wrong
As if 6.9 won't support a comment on that command. Just upgraded to 7.8, can't check anymore.
Re: AP WLAN VLAN something wrong
/ip dns is an array of properties with values. You can only change settings of existing (predefined) properties, you can't add/invent new ones. comment does not exist ... neither in 6.49.7 nor in 7.8.
Sometimes I wonder if @anav has something to do with ChatGPT (who is known to invent things)
Sometimes I wonder if @anav has something to do with ChatGPT (who is known to invent things)
Re: AP WLAN VLAN something wrong
Good point LOL, I think its important to comment on every line of config, bad software habits.
MKX is correct, I didnt actually config that line I just wrote it, blindly assuming one could add a comment to that bit of code........... LOL
THe DNS entry is not commentable if that is a word.
Truth be told that was more of - why are we adding this line............ will adjust article. THANKS!!!!
Not CHAT GPT, but I am flattered you equated me with AI ;-P
But just to be sheite disturber I did fine one possibility
/ip dns static
add address=192.168.88.1 comment="Hey look ma, i can comment on one type of dns entry ;-PPPPP" name=mkx_is_always_right
MKX is correct, I didnt actually config that line I just wrote it, blindly assuming one could add a comment to that bit of code........... LOL
THe DNS entry is not commentable if that is a word.
Truth be told that was more of - why are we adding this line............ will adjust article. THANKS!!!!
Not CHAT GPT, but I am flattered you equated me with AI ;-P
But just to be sheite disturber I did fine one possibility
/ip dns static
add address=192.168.88.1 comment="Hey look ma, i can comment on one type of dns entry ;-PPPPP" name=mkx_is_always_right