Have a new RB951G-2HnD sitting in front of me, my ISP requires vlan tagging on the wan port that connects to their ONT router.
Nothing else complex just the tag and DHCP.
So far I have tried the steps of default config, remove dhcp client, add vlan1 with service tag 10 to eth1 and re add dhcp client to vlan10.
Also tried remove default conf add vlan1 with tag 10 service tag ticked, add dhcp client to vlan10 add nat rule for masq to vlan10.
But so far no dhcp on wan. Have called ISP and confirmed its done via dhcp.
Any pointers or reading material would be appreciated
Re: RB951G-2HnD vlan tag on WAN port
First option should work .... without service tag I think, only with customer VID
Have you tried using the vlan on the switch chip? Seting this vlan on two of the switch ports (trunk mode) put the provider an your gateway interface on them and wou will see the mac of the provider dhcp server on the host table of the switch, your gategay interface mac, and you'll be able to check vlan tagging.
Have you tried using the vlan on the switch chip? Seting this vlan on two of the switch ports (trunk mode) put the provider an your gateway interface on them and wou will see the mac of the provider dhcp server on the host table of the switch, your gategay interface mac, and you'll be able to check vlan tagging.
Re: RB951G-2HnD vlan tag on WAN port
The service tag was my entire problem, no idea why I didn't think to try without.First option should work .... without service tag I think, only with customer VID
Have you tried using the vlan on the switch chip? Seting this vlan on two of the switch ports (trunk mode) put the provider an your gateway interface on them and wou will see the mac of the provider dhcp server on the host table of the switch, your gategay interface mac, and you'll be able to check vlan tagging.
thank you.
Re: RB951G-2HnD vlan tag on WAN port
i have the same problem here with the same device.
I have tried a lot of configurations, but with no effect.
Tried to connect the ONT on Mikrotik Ether1 and use the pppoe client through vlan 10, unsucess. And tried to connect the Fiber BHS device on Mikrotik ether5 going to Ether1 using vlan20, unsucess too. Getting crazy here.
what i want is:
Use my mikrotik to have the external IP with the pppoe client on vlan10 and the BHS(iptv) coming on ether5 and outing on ether1 on vlan20.
Accepting any suggestions.
Thanks,
Joao Eduardo
I have tried a lot of configurations, but with no effect.
Tried to connect the ONT on Mikrotik Ether1 and use the pppoe client through vlan 10, unsucess. And tried to connect the Fiber BHS device on Mikrotik ether5 going to Ether1 using vlan20, unsucess too. Getting crazy here.
what i want is:
Use my mikrotik to have the external IP with the pppoe client on vlan10 and the BHS(iptv) coming on ether5 and outing on ether1 on vlan20.
Accepting any suggestions.
Thanks,
Joao Eduardo
Re: RB951G-2HnD vlan tag on WAN port
Here is an example using vlan on wan interface. It comes from Malosa, member of the www.adslzone.net forum.
It is made for Movistar FTTH. You can change it to fit your needs.
It is made for Movistar FTTH. You can change it to fit your needs.
Code: Select all
/interface bridge
add auto-mac=yes l2mtu=1598 name=bridge-local protocol-mode=rstp
/interface wireless
set 0 band=2ghz-b/g/n country=spain disabled=no ht-rxchains=0,1 ht-txchains=\
0,1 l2mtu=2290 tx-power=17 tx-power-mode=all-rates-fixed mode=ap-bridge \
wireless-protocol=802.11
/interface ethernet
set 0 name=ether1-gateway
set 1 name=ether2-master-local
set 2 master-port=ether2-master-local name=ether3-slave-local
set 3 master-port=ether2-master-local name=ether4-slave-local
set 4 master-port=ether2-master-local name=ether5-slave-local
/interface vlan
add interface=ether1-gateway l2mtu=1594 name=vlan3 vlan-id=3
add interface=ether1-gateway l2mtu=1594 name=vlan6 vlan-id=6
/interface pppoe-client
add add-default-route=yes allow=pap,chap disabled=no interface=vlan6 \
max-mru=1492 max-mtu=1492 name=pppoe-out1 password=adslppp \
use-peer-dns=yes user=adslppp@telefonicanetpa
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk group-ciphers=\
aes-ccm mode=dynamic-keys unicast-ciphers=aes-ccm \
wpa-pre-shared-key=mikrotik wpa2-pre-shared-key=mikrotik
/ip pool
add name=dhcp ranges=192.168.1.201-192.168.1.249
add name=vpn ranges=192.168.3.10-192.168.3.20
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge-local name=dhcp1
/ppp profile
set 1 dns-server=192.168.3.250 local-address=192.168.3.250 remote-address=vpn
/interface bridge port
add bridge=bridge-local interface=ether2-master-local
add bridge=bridge-local interface=wlan1
/interface pptp-server server
set authentication=mschap2 enabled=yes
/ip address
add address=192.168.1.1/24 comment="default configuration" interface=wlan1
add address=192.168.100.10/24 interface=ether1-gateway
/ip dhcp-client
add add-default-route=no disabled=no interface=vlan3 use-peer-ntp=no
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1 \
netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.1.1 name=router
/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add chain=input disabled=yes dst-port=23,80 in-interface=pppoe-out1 protocol=\
tcp
add chain=input dst-port=8291 in-interface=pppoe-out1 protocol=tcp
add chain=input dst-port=1723 in-interface=pppoe-out1 protocol=tcp
add action=drop chain=input comment="default configuration" in-interface=\
pppoe-out1
add chain=forward comment="default configuration" connection-state=\
established
add chain=forward comment="default configuration" connection-state=related
add action=drop chain=forward comment="default configuration" \
connection-state=invalid
/ip firewall mangle
add action=set-priority chain=postrouting new-priority=4 out-interface=vlan3
add action=set-priority chain=postrouting new-priority=1 out-interface=\
pppoe-out1
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=pppoe-out1
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=ether1-gateway
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=vlan3
add action=dst-nat chain=dstnat disabled=yes dst-port=80 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.1.125
add action=dst-nat chain=dstnat disabled=yes dst-port=21 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.1.125
/ip route
add distance=255 gateway=255.255.255.255
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=pppoe-out1 type=external
/routing rip interface
add interface=vlan3 passive=yes receive=v2
/routing rip network
add network=10.0.0.0/8
/system clock
set time-zone-name=Europe/Madrid
/system ntp client
set enabled=yes primary-ntp=163.117.202.33 secondary-ntp=\
89.248.104.162
Who is online
Users browsing this forum: Belette, Bing [Bot] and 22 guests