MikroTik

Community discussions
https://forum.mikrotik.com/

VLAN by MAC Address Hap AC2

https://forum.mikrotik.com/viewtopic.php?t=161828

Page 1 of 1

VLAN by MAC Address Hap AC2

Posted: Mon Jun 01, 2020 10:15 am
by pentim
Hello,

I'm trying to assign specific clients by mac address to specific VLANs using Hap AC2. The case for me is exact the same as in this topic viewtopic.php?t=73901 but when I try to add the switch rule, I get following error message:
Code: Select all
Couldn't change Switch Rule <34:D0:B8:C0:XX:XX/FF:FF:FF:FF:FF:FF> - new-vlan-id not supported for this switch (6)
Does it mean it will not work for my router board? Is there maybe an other way to do it?

Re: VLAN by MAC Address Hap AC2

Posted: Mon Jun 01, 2020 11:17 am
by tdw
According to the Wiki https://wiki.mikrotik.com/wiki/Manual:S ... Rule_Table only the now ancient Atheros 8316 switch chip can alter VLAN IDs.

A common technique is to use 802.1x and macauth. Mikrotik implemented 802.1x in v6.45 onwards, and there are limitations - as it requires a VLAN-aware bridge the traffic will be handled by the CPU rather than switch chip, and it requires an external RADIUS server as the user manager package does not have the necessary features.

Bridge filters may work, again traffic would be handled by the CPU rather than switch chip.

Re: VLAN by MAC Address Hap AC2

Posted: Mon Jun 01, 2020 11:50 am
by pentim
Could you please provide any example of the bridge filtering?

Re: VLAN by MAC Address Hap AC2

Posted: Tue Jun 09, 2020 1:43 am
by tdw
It doesn't appear to be capable, the rules can match packets but there are no suitable actions.
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/