I want to build a guest WLAN with a vlan to seprate from main home network.
because Apple AirPort use 1003 as gueast vlan , so I choose it,too.
according to routeros documents, in RouterOS 7 use bridge vlan-filtering and bridge port tag are enough?
but I found that must both set datapath vlan-id and brigde ?
here is my configuration, welcome any suggestion.
Code: Select all
/interface bridge
add admin-mac=48:A9:8A:0F:05:23 auto-mac=no comment=defconf \
ingress-filtering=no name=bridge vlan-filtering=yes
/interface wifiwave2
/interface vlan
add comment=Guest interface=bridge name=vlan1_iot vlan-id=1003
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wifiwave2 security
add authentication-types=wpa-psk,wpa2-psk name=Guest
/interface wifiwave2
add comment="Guest wifi 5G" configuration.mode=ap .ssid=YFWIFI2_IOT \
datapath.vlan-id=1003 disabled=no mac-address=4A:A9:8A:0F:05:27 \
master-interface=wifi1 name=wifi3 security=Guest
add comment="Guest wifi 2.4G" configuration.mode=ap .ssid=YFWIFI2_IOT \
datapath.vlan-id=1003 disabled=no mac-address=4A:A9:8A:0F:05:28 \
master-interface=wifi2 name=wifi4 security=Guest
/ip pool
add name=dhcp ranges=192.168.88.100-192.168.88.199
add name=pool_iot ranges=192.168.90.100-192.168.90.200
/ip dhcp-server
add address-pool=dhcp interface=bridge lease-time=1w name=defconf
add address-pool=pool_iot comment=Guest interface=vlan1_iot lease-time=1d \
name=dhcp-iot
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=wifi1
add bridge=bridge comment=defconf interface=wifi2
add bridge=bridge ingress-filtering=no interface=wifi3 pvid=1003
add bridge=bridge ingress-filtering=no interface=wifi4 pvid=1003
/interface bridge vlan
add bridge=bridge comment=Guest tagged=wifi3,wifi4,bridge vlan-ids=1003
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=wg2 list=LAN
add interface=wg1 list=WAN
add interface=vlan1_iot list=LAN
/ip address
add address=192.168.90.1/24 comment=Guest interface=vlan1_iot network=\
192.168.90.0
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=\
192.168.88.1
add address=192.168.90.0/24 comment=Guest dns-server=192.168.90.1 gateway=\
192.168.90.1