Szia, a router-en próbáltam ilyen módon is beállítani, de az AP WLAN-on keresztül továbbra sem használható a VLAN41-es hálózat.
Az AP-n local forwarding miatt alapból van egy bridge1, ahová az ether1, wlan1-3 interface-ek vannak add-olva.
Na már most, ha én hozzáadok egy VLAN41-est az ether1-hez (mert a POE miatt arra van rádugva a router-re), létrehozok egy bridge2-t, hozzáadom a VLAN41-est és az ether2-5-öt, beállítom a gatewayt, akkor működik vezetékesen, de WLAN-on nem. De ha ahogy te írtad, eltávolítom a VLAN41-et a bridge2-ből és az ether1 interface-ről és bridge vlan filteringet használok, akkor WLAN-on meg, de vezetékesen nem és ping-elni sem tudom a routert.
Jelenleg így állok:
AP:
/interface bridge
add name=LAN
add name=WLAN
/interface wireless
set [ find default-name=wlan1 ] disabled=no ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add bridge=WLAN interface=ether1
add bridge=LAN interface=ether2
add bridge=LAN interface=ether3
add bridge=LAN interface=ether4
/interface bridge vlan
add bridge=LAN tagged=ether1 untagged=ether2,ether3,ether4,ether5 vlan-ids=41
/interface wireless cap
set bridge=WLAN discovery-interfaces=WLAN enabled=yes interfaces=wlan1
/ip address
add address=192.168.41.100/24 interface=LAN network=192.168.41.0
/ip dns
set servers=1.1.1.1
/ip route
add distance=1 gateway=192.168.41.1
/system identity
set name=ClientVLAN interface-es router:
/caps-man configuration
add country=hungary datapath.local-forwarding=yes datapath.vlan-id=41 datapath.vlan-mode=use-tag hide-ssid=no mode=ap name=Company security.authentication-types=wpa2-psk \
security.passphrase=companypassword ssid=Company
add country=hungary datapath.local-forwarding=yes datapath.vlan-id=43 datapath.vlan-mode=use-tag hide-ssid=no mode=ap name=Guest security.authentication-types=wpa2-psk \
security.passphrase=guestpassword ssid=Guest
add country=hungary datapath.local-forwarding=yes datapath.vlan-id=47 datapath.vlan-mode=use-tag hide-ssid=no mode=ap name=Private security.authentication-types=wpa2-psk \
security.passphrase=privatepassword ssid=Private
/interface bridge
add name=CompanyBridge
add name=GuestBridge
add name=PrivateBridge
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface vlan
add interface=ether3 name=VLAN413 vlan-id=41
add interface=ether4 name=VLAN414 vlan-id=41
add interface=ether3 name=VLAN433 vlan-id=43
add interface=ether4 name=VLAN434 vlan-id=43
add interface=ether3 name=VLAN473 vlan-id=47
add interface=ether4 name=VLAN474 vlan-id=47
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=CompanyPool ranges=192.168.41.100-192.168.41.200
add name=GuestPool ranges=192.168.43.100-192.168.43.200
add name=PrivatePool ranges=192.168.47.100-192.168.47.200
/ip dhcp-server
add address-pool=CompanyPool disabled=no interface=CompanyBridge name=CompanyDHCP
add address-pool=GuestPool disabled=no interface=GuestBridge name=GuestDHCP
add address-pool=PrivatePool disabled=no interface=PrivateBridge name=PrivateDHCP
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=ether3
add disabled=no interface=ether4
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=Company slave-configurations=Guest,Private
/interface bridge port
add bridge=CompanyBridge interface=ether2
add bridge=CompanyBridge interface=VLAN413
add bridge=CompanyBridge interface=VLAN414
add bridge=GuestBridge interface=VLAN433
add bridge=GuestBridge interface=VLAN434
add bridge=PrivateBridge interface=VLAN473
add bridge=PrivateBridge interface=VLAN474
/ip address
add address=192.168.41.1/24 interface=CompanyBridge network=192.168.41.0
add address=192.168.43.1/24 interface=GuestBridge network=192.168.43.0
add address=192.168.47.1/24 interface=PrivateBridge network=192.168.47.0
/ip dhcp-server network
add address=192.168.41.0/24 dns-server=1.1.1.1 gateway=192.168.41.1
add address=192.168.43.0/24 dns-server=1.1.1.1 gateway=192.168.43.1
add address=192.168.47.0/24 dns-server=1.1.1.1 gateway=192.168.47.1
/ip dns
set servers=1.1.1.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Budapest
/system identity
set name=RouterUgyanez a router, csak ahogy te mondtad:
/caps-man configuration
add country=hungary datapath.local-forwarding=yes datapath.vlan-id=41 datapath.vlan-mode=use-tag hide-ssid=no mode=ap name=Company \
security.authentication-types=wpa2-psk security.passphrase=companypassword ssid=Company
add country=hungary datapath.local-forwarding=yes datapath.vlan-id=43 datapath.vlan-mode=use-tag hide-ssid=no mode=ap name=Guest \
security.authentication-types=wpa2-psk security.passphrase=guestpassword ssid=Guest
add country=hungary datapath.local-forwarding=yes datapath.vlan-id=47 datapath.vlan-mode=use-tag hide-ssid=no mode=ap name=Private \
security.authentication-types=wpa2-psk security.passphrase=privatepassword ssid=Private
/interface bridge
add name=CompanyBridge pvid=41 vlan-filtering=yes
add name=GuestBridge
add name=PrivateBridge
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=CompanyPool ranges=192.168.41.100-192.168.41.200
add name=GuestPool ranges=192.168.43.100-192.168.43.200
add name=PrivatePool ranges=192.168.47.100-192.168.47.200
/ip dhcp-server
add address-pool=CompanyPool disabled=no interface=CompanyBridge name=CompanyDHCP
add address-pool=GuestPool disabled=no interface=GuestBridge name=GuestDHCP
add address-pool=PrivatePool disabled=no interface=PrivateBridge name=PrivateDHCP
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=ether3
add disabled=no interface=ether4
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=Company slave-configurations=Guest,Private
/interface bridge vlan
add bridge=CompanyBridge tagged=ether2,ether3,ether4 vlan-ids=41
add bridge=GuestBridge tagged=ether3,ether4 vlan-ids=43
add bridge=PrivateBridge tagged=ether3,ether4 vlan-ids=47
/ip address
add address=192.168.41.1/24 interface=CompanyBridge network=192.168.41.0
add address=192.168.43.1/24 interface=GuestBridge network=192.168.43.0
add address=192.168.47.1/24 interface=PrivateBridge network=192.168.47.0
/ip dhcp-server network
add address=192.168.41.0/24 dns-server=1.1.1.1 gateway=192.168.41.1
add address=192.168.43.0/24 dns-server=1.1.1.1 gateway=192.168.43.1
add address=192.168.47.0/24 dns-server=1.1.1.1 gateway=192.168.47.1
/ip dns
set servers=1.1.1.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Budapest
/system identity
set name=RouterItt sajnos az ether2-re kiadott 41-es VLAN hálózat nem működik már.