a few days ago I decided to take full advantage of the switch chip of my CRS326-24G-2S + RM by configuring the VLANs with the new method (after ROS 6.41 version).
Following some online guides I configured almost everything but for now I can only access with MAC-Winbox. With the old configuration I had configured a dhcp-client on the bridge of the management VLAN, so the CRS326 got an IP address, NTP, routes etc. from dhcp server.
In addition with the old configuration I had also configured the RoMON on the management VLAN.
I made several attempts, I also searched online but could not configure DHCP Client and RoMON using the "new way".
This is my setup:
Code: Select all
# jan/02/1970 20:12:56 by RouterOS 6.48.3
#
# model = CRS326-24G-2S+
/interface bridge
add admin-mac=xx:xx:xx:xx:xx:xx auto-mac=no name=bridge vlan-filtering=yes
/interface vlan
add interface=bridge name=vlan_mgmt vlan-id=330
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/interface bridge port
add bridge=bridge disabled=yes interface=ether1
add bridge=bridge disabled=yes interface=ether2
add bridge=bridge disabled=yes interface=ether3
add bridge=bridge disabled=yes interface=ether4
add bridge=bridge disabled=yes interface=ether5
add bridge=bridge disabled=yes interface=ether6
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether7 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether8 pvid=888
add bridge=bridge interface=ether9 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether10 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether11 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether12 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether13 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether14 pvid=330
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether15 trusted=yes
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether16 trusted=yes
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether17 trusted=yes
add bridge=bridge disabled=yes interface=ether18
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether19 pvid=1010
add bridge=bridge disabled=yes interface=ether20
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether21 pvid=1010
add bridge=bridge disabled=yes interface=ether22
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether23 pvid=1010
add bridge=bridge disabled=yes interface=ether24
add bridge=bridge interface=sfp-sfpplus1 pvid=330
add bridge=bridge disabled=yes interface=sfp-sfpplus2
/ip settings
set rp-filter=strict tcp-syncookies=yes
/interface bridge vlan
add bridge=bridge comment=mgmt tagged=ether15,ether16,ether17 untagged=ether7,ether9,ether10,ether11,ether12,ether13,ether14,sfp-sfpplus1,bridge vlan-ids=330
add bridge=bridge comment=NVR tagged=ether17,ether16 untagged=ether8 vlan-ids=888
add bridge=bridge comment=ARKTECH tagged=ether17,sfp-sfpplus1 untagged=ether23,ether19,ether21 vlan-ids=1010
add bridge=bridge comment=Guest tagged=ether17,ether15,ether16 vlan-ids=333
add bridge=bridge comment=Service tagged=ether17,ether15,ether16 vlan-ids=339
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system routerboard settings
set boot-os=router-os
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
