I've set up two bridge VLANs, namely VLAN_10 and VLAN_20. Currently, VLAN_20 is left empty.
For VLAN_10, I've added three ports which include 2 WiFi dumb APs and 1 desktop computer. After that, I created VLAN 10, configured an IP pool and DHCP settings (192.168.10.2-192.168.10.254), and then untagged it to the bridge VLAN 10.
The devices added to Bridge VLAN 10 have received the correct IP addresses. Internet is working well.
But my computer is unable to access other computer on this same LAN network to use any SMB file sharing or web server. Actually I can ping that PC, I can see its SMB folder but when I open them, it takes forever to load. Computers' firewall are all disabled.
Below is the "export hide-sensitive" of my current configuration. I'm hoping that someone can help me pinpoint the issue and provide guidance on resolving it.
Code: Select all
[admin@MikroTik] > /export hide-sensitive
# 2023-08-14 18:52:22 by RouterOS 7.10.2
/interface bridge
add add-dhcp-option82=yes dhcp-snooping=yes igmp-snooping=yes mtu=1480 name=\
bridge_vlan_10 protocol-mode=none pvid=10 vlan-filtering=yes
add add-dhcp-option82=yes dhcp-snooping=yes igmp-snooping=yes mtu=1480 name=\
bridge_vlan_20 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no mac-address=\
00:F1:F3:21:48:01 mtu=1480 name=ether0_FPT_ONT_F2
set [ find default-name=ether2 ] disable-running-check=no mtu=1480 name=\
ether1_AX9000_F1
set [ find default-name=ether3 ] disable-running-check=no mtu=1480 name=\
ether2_AX9000_F3
set [ find default-name=ether4 ] disable-running-check=no mtu=1480 name=\
ether3_MiniPC_F2
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether0_FPT_ONT_F2 max-mtu=1480 \
name=pppoe-fpt-out1 user=hnfdl-230720-6216
/interface vlan
add interface=bridge_vlan_10 mtu=1480 name=vlan10 vlan-id=10
add interface=bridge_vlan_20 mtu=1480 name=vlan20 vlan-id=20
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=VLAN_10_POOL ranges=192.168.10.2-192.168.10.254
add name=VLAN_20_POOL ranges=192.168.20.2-192.168.20.254
add name=dhcp_pool4 ranges=192.168.10.2-192.168.10.254
/ip dhcp-server
add address-pool=VLAN_10_POOL interface=bridge_vlan_10 name=DHCP_VLAN10
add address-pool=VLAN_20_POOL interface=bridge_vlan_20 name=DHCP_VLAN20
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge_vlan_10 interface=ether3_MiniPC_F2 pvid=10
add bridge=bridge_vlan_10 interface=ether2_AX9000_F3 pvid=10
add bridge=bridge_vlan_10 interface=ether1_AX9000_F1 pvid=10
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes use-ip-firewall-for-vlan=\
yes
/interface bridge vlan
add bridge=bridge_vlan_10 tagged=vlan10 untagged=bridge_vlan_10 vlan-ids=10
add bridge=bridge_vlan_20 vlan-ids=20
/ip address
add address=192.168.10.1/24 interface=bridge_vlan_10 network=192.168.10.0
add address=192.168.20.1/24 interface=bridge_vlan_20 network=192.168.20.0
/ip dhcp-server lease
add address=192.168.10.201 client-id=1:84:47:9:5:d5:8e mac-address=\
84:47:09:05:D5:8E server=DHCP_VLAN10
/ip dhcp-server network
add address=192.168.10.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.10.1
add address=192.168.20.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.20.1
add address=192.168.88.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.88.1
/ip firewall filter
add action=accept chain=forward dst-address=192.168.10.0/24 log=yes protocol=\
tcp src-address=192.168.10.0/24
add action=accept chain=forward dst-address=192.168.10.0/24 log=yes protocol=\
udp src-address=192.168.10.0/24
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-fpt-out1
/system hardware
set allow-x86-64=yes
/system note
set show-at-login=no
[admin@MikroTik] >
