Community discussions

MikroTik App
 
solarwing
just joined
Topic Author
Posts: 10
Joined: Thu Apr 20, 2023 6:03 pm

VLAN with different IP classes

Thu Apr 20, 2023 6:25 pm

hello,
I am new to this forum and mikrotik in general, I just bougth a new CRS326-24G-2S+RM and trying to build some complex home network.
In the attached img you can see the network diagram:

the 2 APs run 3 different VLANs that cannot talk to each other, but can connect to internet via the modem/router.
there is the NVR on VLAN-NVR that can talk to internet and only with VLAN-home
the HA machine is under VLAN-IOT.
and the 2 servers are on the same VLAN-servers that can only connect to internet and with VLAN-home

given this requirements I need to build all of the above, I already created all the VLANs on APs and on the CRS326
the modem/router IP is 192.168.1.1 and the DHCP use the IPs pool 192.168.1.0/24 for every connected device.

now I need:
1) use the IP 10.0.x.x on all the VLANs (done)
2) make sure that only VLAN-home, VLAN-guest and VLAN-servers can reach the internet. I created the srcnat with out-interface the port where the modem is connected to, but even the VLAN-IOT can reach the internet, how can I select what VLAN can do it?
3) make the HA device reachable just from a single IP/MAC from the VLAN-home
4) should I disable the bridge completely for all the ether ports, since all the connected devices are in one of the VLANs above?

thanks in advance
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: adrianmartin16, gigabyte091, koer, lurker888, Michiganbroadband, thomassocz, tjr and 81 guests