I am trying to set up ether2 as an access port on VLAN 10 with a DHCP server on that VLAN. I ran the following to create the VLAN and assign the access port:
I was hoping this would allocate IPs in the 10.10.110.2-10.10.110.254 range on ether2, but I don't get an IP allocated when connecting to this port.
I am running RouterOS 7.13 on a hAP ac². I've seen some guides showing adding ether2 as an untagged port on the bridge (under /interface bridge vlan), but it seems like this is already created dynamically by RouterOS.
I assume I'm missing something obvious. Here's my full configuration as it is now (the majority of it is stock):
My current setup connects to another wireless AP using wlan3 (5GHz) and uses that as the WAN interface. Can anyone see what's wrong with my configuration?
Code:
/interface bridgeset [find name=bridge] vlan-filtering=yes/interface vlanadd interface=bridge name=vpn vlan-id=10/ip pooladd name=vpn ranges=10.10.110.2-10.10.110.254/ip dhcp-serveradd address-pool=vpn interface=vpn lease-time=10m name=vpn/interface bridge portset [find bridge=bridge interface=ether2] frame-types=\ admit-only-untagged-and-priority-tagged pvid=10/ip addressadd address=10.10.110.1/24 interface=vpn network=10.10.110.0/ip dhcp-server networkadd address=10.10.110.0/24 gateway=10.10.110.1I am running RouterOS 7.13 on a hAP ac². I've seen some guides showing adding ether2 as an untagged port on the bridge (under /interface bridge vlan), but it seems like this is already created dynamically by RouterOS.
I assume I'm missing something obvious. Here's my full configuration as it is now (the majority of it is stock):
Code:
# 2023-12-27 20:33:27 by RouterOS 7.13# software id = XXXX-XXXX## model = RBD52G-5HacD2HnD# serial number = XXXXXXXXXXXX/interface bridgeadd admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no comment=defconf \ ingress-filtering=no name=bridge port-cost-mode=short vlan-filtering=yes/interface vlanadd interface=bridge name=vpn vlan-id=10/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/interface lte apnset [ find default=yes ] ip-type=ipv4 use-network-apn=no/interface wireless security-profilesset [ find default=yes ] supplicant-identity=MikroTikadd authentication-types=wpa2-psk mode=dynamic-keys name=XXX \ supplicant-identity=MikroTik/interface wirelessset [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \ country="united kingdom" disabled=no distance=indoors frequency=2437 \ installation=indoor mode=ap-bridge security-profile=XXX ssid=XXX \ wireless-protocol=802.11set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\ 20/40/80mhz-XXXX disabled=no distance=indoors frequency=auto \ installation=indoor mode=ap-bridge security-profile=XXX ssid=XXX \ wireless-protocol=802.11add disabled=no mac-address=XX:XX:XX:XX:XX:XX master-interface=wlanX mode=\ station name=wlan3 ssid=XXX wds-default-bridge=bridge/ip pooladd name=default-dhcp ranges=10.10.10.2-10.10.10.254add name=vpn ranges=10.10.110.2-10.10.110.254/ip dhcp-serveradd address-pool=default-dhcp interface=bridge lease-time=10m name=defconfadd address-pool=vpn interface=vpn lease-time=10m name=vpn/routing bgp templateset default disabled=no output.network=bgp-networks/routing ospf instanceadd disabled=no name=default-v2/routing ospf areaadd disabled=yes instance=default-v2 name=backbone-v2/interface bridge portadd bridge=bridge comment=defconf frame-types=\ admit-only-untagged-and-priority-tagged ingress-filtering=no interface=\ ether2 internal-path-cost=10 path-cost=10 pvid=10add bridge=bridge comment=defconf ingress-filtering=no interface=ether3 \ internal-path-cost=10 path-cost=10add bridge=bridge comment=defconf ingress-filtering=no interface=ether4 \ internal-path-cost=10 path-cost=10add bridge=bridge comment=defconf ingress-filtering=no interface=ether5 \ internal-path-cost=10 path-cost=10add bridge=bridge comment=defconf ingress-filtering=no interface=wlan1 \ internal-path-cost=10 path-cost=10add bridge=bridge comment=defconf ingress-filtering=no interface=wlan2 \ internal-path-cost=10 path-cost=10/ip neighbor discovery-settingsset discover-interface-list=LAN/ip settingsset max-neighbor-entries=8192/ipv6 settingsset disable-ipv6=yes max-neighbor-entries=8192/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=ether1 list=WANadd interface=wlan3 list=WAN/ip addressadd address=10.10.10.1/24 interface=bridge network=10.10.10.0add address=10.10.110.1/24 interface=vpn network=10.10.110.0/ip dhcp-clientadd comment=defconf interface=ether1add interface=wlan3/ip dhcp-server networkadd address=10.10.10.0/24 comment=defconf gateway=10.10.10.1add address=10.10.110.0/24 gateway=10.10.110.1/ip dnsset allow-remote-requests=yes/ip dns staticadd address=10.10.10.1 comment=defconf name=router.lan/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related hw-offload=yesadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN/routing bfd configurationadd disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5/system clockset time-zone-name=Europe/London/system noteset show-at-login=no/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LANStatistics: Posted by jackwilsdon — Wed Dec 27, 2023 10:43 pm