Its my first contact with MikroTik products and i really don't know how to describe this problem very well.. Im sorry for the title.

Here is what im trying to accomplish. eth3 needs to be on the same subnet as the eth2 using the built-in switch. Eth3 has an AP with vlan20 and every device goes to the right subnet but not a single one can connect to the outside world, neither i can ping them. One of the SSIDs on the same AP has no vlans and is working fine.


I think i need to change something in Switch in regards to vlans. Documentation shows a lot of stuff i don't know technically. I just need a AP in eth3 with vlan_id 20, What im doing wrong? Again, interface is up and giving the right IP to devices, the problem is, i cant reach anything on lan/wan.

eth1-wan
eth2-lan master port
--------vlan20
eth3-slave-----------------1 AP - 4 SSIDs, those with no vlans works fine, the one with VLAN 20 dont.
eth4-slave
eth5-slave

/interface ethernet
set [ find default-name=ether1 ] name=ether1-gate
set [ find default-name=ether3 ] master-port=ether2
set [ find default-name=ether4 ] master-port=ether2
set [ find default-name=ether5 ] master-port=ether2
/interface pppoe-client
add add-default-route=yes comment="pppoe dialer" disabled=no interface=ether1-gate name=pppoe-out1 password=XXXXXX user=XXXXXXXX
/ip neighbor discovery
set pppoe-out1 comment="pppoe dialer"
/interface vlan
add interface=ether2 l2mtu=1594 name=vlan20 vlan-id=20
/ip pool
add name="pool lan" ranges=10.70.1.100-10.70.1.250
add name="pool vlan20" ranges=10.1.20.10-10.1.20.250
/ip dhcp-server
add address-pool="pool lan" disabled=no interface=ether2 lease-time=1d name="dhcp lan"
add address-pool="pool vlan20" disabled=no interface=vlan20 lease-time=1d name="dhcp vlan20"
/ip address
add address=10.70.1.1/24 comment=lan interface=ether2 network=10.70.1.0
add address=10.1.20.0/24 comment=vlan20 interface=vlan20 network=10.1.20.0
/ip dhcp-server lease
add address=10.70.1.30 client-id=1:xxxxxxxxxxxxx comment=desktop mac-address=xxxxxxxx server="dhcp lan"
add address=10.70.1.10 comment=unifi-controller mac-address=08:00:27:77:F4:BD server="dhcp lan"
add address=10.70.1.11 client-id=1:xxxxxxxxxxx comment=uap-1 mac-address=xxxxxxxxx server="dhcp lan"
add address=10.70.1.20 client-id=1:xxxxxxx comment=printer mac-address=xxxxxxxxxxx server="dhcp lan"
add address=10.1.20.125 client-id=1:xxxxxxxxxxxx comment="smartphone 2" mac-address=xxxxxxxxserver="dhcp vlan20"
add address=10.1.20.53 client-id=1:xxxxxxxxxxx comment="smartphone 3" mac-address=xxxxxxxxxxxxxserver="dhcp vlan20"
add address=10.70.1.246 client-id=1:xxxxxxx comment="smartphone 1" mac-address=xxxxxxxx server="dhcp lan"
/ip dhcp-server network
add address=10.1.20.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.1.20.0
add address=10.70.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.70.1.1 netmask=24
/ip firewall filter
add action=drop chain=input comment="Drop Invalid connections" connection-state=invalid
add chain=input comment="Allow Established connections" connection-state=established
add chain=input comment="Allow ICMP" protocol=icmp
add action=drop chain=input comment="Drop everything else"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
/system clock
set time-zone-name=America/Sao_Paulo
/system routerboard settings
set cpu-frequency=650MHz protected-routerboot=disabled
/tool romon port
ad

Looks like the problem was this line. Fixed, but somehow the problem persisted. Created another vlan and its running fine now. There is no magic like i was thinking, just set slave ports and create vlan interfaces under master eth.

add address=10.1.20.0/24 comment=vlan20 interface=vlan20 network=10.1.20.0