Hello,
Thank you in advance for taking the time to read this and provide feedback. I have a large home network, for the most part all my infrastructure is Mikrotik except for one POE camera switch, and one unmanaged desktop switch. I would like the delve into the world of VLANs for my own better-meant and to enhance my home network security. I have a single WiFi SSID and would prefer to keep it but I am open to creating multiple. All Mikrotik APs are managed by CAPSMAN in my RB5009 router. I also have a CSS326 switch running SWOS. All other Mikrotik devices are running RouterOS 7.8. I would like to create various VLANs and move appropriate devices onto those VLANs so I can provide myself better security and control over the traffic as well as restrict internet access in certain cases. I have read through many forum posts and many aspects of the online manuals, as well as watched Mikrotik VLAN setups on Youbtube by the network berg. At this point I am scratching my head as most of the information is based on multiple SSIDs/VLANs not one SSID. I am somewhat confused by what I need to configure as far as interface VLANs, Bridges/VLAN Tables. It seems that my setup will require some work to be done in my CAPSMAN access list, as well as setup in the switch, and each AP.
My router is connected to the main switch via SFP port, all of my APs (4) are plugged into ports on that switch, most of my hardwired devices are connected to that switch, a few devices are plugged into the secondary ports of the APs.
Attached is a visual layout I made, if anyone is willing to help me get started - that would be wonderful as I am somewhat lost!