I´ve got an issue with my VLAN configuration: The client is connected to 172.16.10.0/24
- If I connect the client to ether3, Winbox can connect to the RB Board via MAC
- If I connect the client to a port on my external switch (Cisco SG250) through the configured trunk (SFP-Port) the WinBox Tool cannot connect to the RB. I also use VLAN10.
I also disabled all firewll rules but it still does not work. What is the reason and why can I connect to the RB via "local Port: ether 3" but not via switch connceted via the SFP trunk. I do not understand this.
Here is my config:
Code: Select all
# may/25/2018 11:18:33 by RouterOS 6.42.2
/interface bridge
add fast-forward=no name=br_vlan vlan-filtering=yes
/interface vlan
add interface=br_vlan name=vlan1 vlan-id=1
add interface=br_vlan name=vlan10 vlan-id=10
add interface=br_vlan name=vlan20 vlan-id=20
add interface=br_vlan name=vlan99 vlan-id=99
/interface list
add name=WAN
add name=LAN
/ip pool
add name=pool_admin ranges=172.16.1.101-172.16.1.199
add name=pool_vlan10 ranges=172.16.10.100-172.16.10.199
add name=pool_vlan20 ranges=172.16.20.100-172.16.20.199
add name=pool_vlan99 ranges=192.168.1.100-192.168.1.199
/ip dhcp-server
add address-pool=pool_admin disabled=no interface=vlan1 name=dhcp_admin
add address-pool=pool_vlan10 disabled=no interface=vlan10 name=dhcp_vlan10
add address-pool=pool_vlan20 disabled=no interface=vlan20 name=dhcp_vlan20
add address-pool=pool_vlan99 disabled=no interface=vlan99 name=dhcp_vlan99
/interface bridge port
add bridge=br_vlan hw=no interface=sfp1
add bridge=br_vlan frame-types=admit-only-untagged-and-priority-tagged \
interface=ether2
add bridge=br_vlan frame-types=admit-only-untagged-and-priority-tagged \
interface=ether3 pvid=10
add bridge=br_vlan frame-types=admit-only-untagged-and-priority-tagged \
interface=ether4 pvid=20
add bridge=br_vlan frame-types=admit-only-untagged-and-priority-tagged \
interface=ether10 pvid=99
/interface bridge vlan
add bridge=br_vlan tagged=br_vlan,vlan1 untagged=sfp1 vlan-ids=1
add bridge=br_vlan tagged=sfp1,br_vlan,vlan10 untagged=ether3 vlan-ids=10
add bridge=br_vlan tagged=sfp1,br_vlan,vlan20 untagged=ether4 vlan-ids=20
add bridge=br_vlan tagged=sfp1,br_vlan,vlan99 untagged=ether10 vlan-ids=99
/interface list member
add interface=ether1 list=WAN
add interface=br_vlan list=LAN
/ip address
add address=172.16.1.1/24 interface=vlan1 network=172.16.1.0
add address=172.16.10.1/24 interface=vlan10 network=172.16.10.0
add address=172.16.20.1/24 interface=vlan20 network=172.16.20.0
add address=192.168.1.1/24 interface=vlan99 network=192.168.1.0
...and it seems to be that Google translate is sometimes a little bit "unsure" as well!