Basic VLAN configuration is not working - new driver wave 2

fibracapi · Thu Mar 28, 2024 9:04 pm

# model = RB750r2
/interface bridge
add auto-mac=no comment=defconf name=bridge vlan-filtering=yes
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=miuserpppoe
/interface bridge vlan
add bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
add name=dhcp_pool1 ranges=192.168.10.2-192.168.10.254
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
add address-pool=dhcp_pool1 interface=vlan10-HOME name=dhcp1
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface bridge vlan
add bridge=bridge tagged=ether3 vlan-ids=10
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=pppoe-out1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0
add address=192.168.10.1/24 interface=vlan10-HOME network=192.168.10.0
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server network
add address=192.168.10.0/24 dns-server=1.1.1.1 gateway=192.168.10.1
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1



# model = L41G-2axD
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface wifi
set [ find default-name=wifi1 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=VLAN10-HOME disabled=no name=VLAN10-HOME
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=VLAN10-HOME pvid=10
/interface bridge vlan
add bridge=bridge1 tagged=ether1 vlan-ids=10
/ip dhcp-client
add interface=bridge1
/system note
set show-at-login=no
/system routerboard settings
set auto-upgrade=yes

Is there something I'm missing with the new driver?

Thanks!

anav · Thu Mar 28, 2024 9:43 pm

What is the point of VLAN10 ( aka home )/
Or more accurately, what is the point of the BRIDGE subnet you still have??

Seeing as you have the haplite, ( two separate 2.4ghz wifi setups), do you plan on a home wifi network and a guest or IOT wifi network)

TheCat12 · Thu Mar 28, 2024 10:21 pm

All of the questions of @anav are valid and I would be curious for their answers but one of the problems I see is that you haven't added the bridge as a tagged interface in the bridge VLAN table on the RB750r2

fibracapi · Fri Mar 29, 2024 12:58 am

What is the point of VLAN10 ( aka home )/
Or more accurately, what is the point of the BRIDGE subnet you still have??

Seeing as you have the haplite, ( two separate 2.4ghz wifi setups), do you plan on a home wifi network and a guest or IOT wifi network)

I was trying to set up WiFi for home, IoT and Guests, but since it didn't work, I deleted everything and started from 0 with the basics, actually VLAN10 will be for IoT, it still doesn't even have WiFi security.

I have added the bridge "/interface bridge vlan
add bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10
"and it still doesn't work.

fibracapi · Fri Mar 29, 2024 1:00 am

All of the questions of @anav are valid and I would be curious for their answers but one of the problems I see is that you haven't added the bridge as a tagged interface in the bridge VLAN table on the RB750r2

I replied to the colleague, I hope this helps to find the error. I already have the bridge configured;

/interface bridge
add comment=defconf name=bridge vlan-filtering=yes
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/interface bridge vlan
add bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10

but it still doesn't work

anav · Fri Mar 29, 2024 2:20 am

Highly recommend the first thing you do on both devices is take ether5 off the bridge assign it an IP address of 192.168.55.1/24 ( as per the configs ).
Then plug in laptop or pc into device on ether5 and change your ethernet card IPV4 settings to lets say 192.168.55.5 and you should have access.

# model = RB750r2
/interface bridge
add auto-mac=no comment=defconf name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether5 ] name=ether5access
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=miuserpppoe
/interface vlan
add interface=bridge name=vlan10-home  vlan-ids=10
add interface=bridge name=vlan20-guests  vlan-ids=20
add interface=bridge name=vlan30-iot   vlan-ids=30
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
add name=TRUSTED
/ip pool
add name=dhcp_pool10 ranges=192.168.10.2-192.168.10.254
add name=dhcp_pool20  ranges=192.168.20.10-192.168.20.254
add name-dhcp_poo30  ranges=192.168.30.2-192.168.30.254
/ip dhcp-server
add address-pool=dhcp_pool10 interface=vlan10-home name=server-home
add address-pool=dhcp_pool20 interface=vlan20-guests name=server-guests
add address-pool=dhcp_pool30 interface=vlan20-guests name=server-iot
/interface bridge port
add bridge=bridge ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether2  pvid=10 comment="home PC"
add bridge=bridge ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether3  pvid=10 comment="home PC"
add bridge=bridge ingress-filtering=yes frame-types=admit-only-vlan-tagged interface=ether4  pvid=10  comment="trunk to haplite"
/ip neighbor discovery-settings
set discover-interface-list=TRUSTED
/interface bridge vlan
add bridge=bridge tagged=bridge,ether4  untagged=ether2,ether3  vlan-ids=10
add bridge=bridge tagged=bridge,ether4  vlan-ids=20,30
/interface list member
add comment=defconf interface=pppoe-out1 list=WAN
add interface=vlan10-home  list=LAN
add interface=vlan20-home  list=LAN
add interface=vlan30-home  list=LAN
add interface=vlan10-home  list=TRUSTED
add interface=ether5access list=TRUSTED
/ip address
add address=192.168.10.1/24 interface=vlan10-home network=192.168.10.0
add address=192.168.20.1/24 interface=vlan20-guests network=192.168.20.0
add address=192.168.30.1/24 interface=vlan30-iot network=192.168.30.0
add address=192.168.55.1/24 interface=ether5access network=192.168.55.0
/ip dhcp-client
add comment=defconf interface=ether1  default-route=yes
/ip dhcp-server network
add address=192.168.10.0/24 dns-server=192.168.10.1 gateway=192.168.10.1
add address=192.168.20.0/24 dns-server=192.168.20.1 gateway=192.168.20.1
add address=192.168.30.0/24 dns-server=192.168.30.1 gateway=192.168.30.1
/ip dns
set allow-remote-requests=yes servers=1.1.1.1
/ip firewall address-list   { using static set DHCP leases }
add address=192.168.10.XY  list=Authorized  comment='admin pc wired"
add address=192.168.10.AB list=Authorized  comment='admin laptop wifi"
add address=192.168.10.DE list=Authorized  comment='admin smartphone wifi"
add address=192.168.55.0/24  list=Authorized comment="config via ether5 "
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=accept chain=input comment="admin access only"  in-interface-list=TRUSTED src-address-list=Authorized
add action=accept chain=input comment="user access to dns"  in-interface-list=LAN dst-port=53 protocol=udp
add action=accept chain=input comment="user access to dns"  in-interface-list=LAN dst-port=53 protocol=tcp
add action=drop  chain=input comment="Drop all else"   { add this rule LAST }
+++++++++++++++++++++++++++++++++
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=accept chain=forward comment=internet traffic in-inteface-list=LAN out-interface-list=WAN 
add action=accept chain=forward comment="port fowarding"   connection-nat-state=dstnat disabled=yes  { enable if required }
add action=drop chain=forward comment="Drop all else"
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/tool mac-server
set allowed-interface-list=NONE
/tool mac-server mac-winbox
set allowed-interface-list=TRUSTED


# model = L41G-2axD
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface vlan
add interface=bridge name=vlan10-house  vlan-ids=10
/interface ethernet
set [ find default-name=ether5 ] name=ether5access
/interface wifi
set [ find default-name=wifi1 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=HOME-users  name=wifi-home
set [ find default-name=wifi2 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=GUEST-users  name=wifi-guests
set   master=wifi-guests  configuration.country=Spain .mode=ap .ssid=IOTs  name=wifi-iot
/interface list
add name=TRUSTED
/ip neighbor discovery-settings
set discover-interface-list=TRUSTED
/interface bridge port
add bridge=bridge1 ingress-filtering=yes frame-types=admit-only-vlan-tagged  interface=ether1 comment="trunk port from hex"
add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether2 pvid=10
add bridge=bridge1  ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether3 pvid=10
add bridge=bridge1  ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether4 pvid=10
add bridge=bridge1  ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wifi-home  pvid=10
add bridge=bridge1  ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wifi-guests  pvid=20
add bridge=bridge1  ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wifi-iot  pvid=30
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1   untagged=ether2,ether3,ether4,wifi-home  vlan-ids=10
add bridge=bridge tagged=bridge  untagged=wifi-guests  vlan-ids=20
add bridge=bridge tagged=bridge  untagged=wifi-iot  vlan-ids=30
/interface list members
add interface=vlan10-house list=TRUSTED
add interface=ether5access list=TRUSTED
/ip address
add address=192.168.10.X/24 interface=vlan10-house network=192.168.10.0 comment="static setting of haplite IP address"
/ip dns
set allow-remote-requests=yes servers=192.168.10.1
/ip dhcp-client
add interface=      disabled=yes
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.10.1
/tool mac-server
set allowed-interface-list=NONE
/tool mac-server mac-winbox
set allowed-interface-list=TRUSTED

fibracapi · Fri Mar 29, 2024 12:12 pm

The problem seems to be solved, the devices now connect to the Wi-Fi and obtain IP from the corresponding DHCP server, I have only had to change settings on the Access Point equipment.

Before;

#model = L41G-2axD
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface wifi
set [ find default-name=wifi1 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=VLAN10-HOME disabled=no name=VLAN10-HOME
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=VLAN10-HOME pvid=10
/interface bridge vlan
add bridge=bridge1 tagged=ether1 vlan-ids=10
/ip dhcp-client
add interface=bridge1
/system note
set show-at-login=no
/system routerboard settings
set auto-upgrade=yes

Now;

#model = L41G-2axD
/interface bridge
add name=bridge1
/interface wifi
set [ find default-name=wifi1 ] channel.band=2ghz-ax .frequency=2452 .width=20/40mhz-Ce configuration.country=Spain .mode=ap .ssid=VLAN10-TEST datapath.vlan-id=10 disabled=no name=VLAN10-TEST
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=VLAN10-TEST pvid=10
/system note
set show-at-login=no
/system routerboard settings
set auto-upgrade=yes

Basic VLAN configuration is not working - new driver wave 2

Basic VLAN configuration is not working - new driver wave 2

Re: Basic VLAN configuration is not working - new driver wave 2

Re: Basic VLAN configuration is not working - new driver wave 2

Re: Basic VLAN configuration is not working - new driver wave 2

Re: Basic VLAN configuration is not working - new driver wave 2

Re: Basic VLAN configuration is not working - new driver wave 2

Re: Basic VLAN configuration is not working - new driver wave 2

Who is online