I am trying to achieve this
GOAL
Basically 2 SSIDs v5 and v15 in e410.
If I connect to v5, I'll get vlan5 ip
I need guidance from Cambium
PROBLEMS:
- from e410 can't ping Mikrotik vlan5 ip 10.0.5.1 or vice versa
- from Mikrotik can't ping e410 vlan15 ip 10.0.15.228
CONFIG:
-Monitor/Network/Tunnel status UP
CAMBIUM
management cambium-remote url https://cloud.cambiumnetworks.com
management user admin password $crypt$1$w/Xp3UpofaMqhizbPdlCEfZU7ILYx1yz
management ssh
management cambium-remote
management cambium-remote validate-server-cert
no management telnet
no management http
management http port 80
management https
management https port 443
led
lldp
no poe-out
country-code CN
wpa2-handshake-retry 4 4
wpa2-handshake-timeout 100 500 1000
wpa2-handshake-log-level 4
placement indoor
!
wireless radio 1
no shutdown
channel auto
channel-width 20
channel-list all-channels
data-rate unicast 1b 2b 5.5b 11b 12 18 24 36 48 54
data-rate non-unicast highest-basic
power auto
no airtime-fairness
auto-channel-select on-startup
antenna-gain 5
beacon-interval 100
dynamic-channel-selection
dynamic-channel-selection threshold 100
dynamic-channel-selection samples 20
off-channel-scan dwell-time 50
auto-rf chan-hold-time 120
auto-rf packet-error-rate-threshold 30
auto-rf channel-utilization-threshold 25
mesh-xtnded-dev-list
wmm-parameters downstream txoplimit vi 3008
wmm-parameters downstream txoplimit vo 1504
wmm-parameters upstream txoplimit vi 3008
wmm-parameters upstream txoplimit vo 1504
!
wireless radio 2
no shutdown
channel auto
channel-width 80
channel-list all-channels
data-rate unicast 6b 9 12b 18 24b 36 48 54
data-rate non-unicast highest-basic
power auto
no airtime-fairness
auto-channel-select on-startup
antenna-gain 5
beacon-interval 100
dynamic-channel-selection
dynamic-channel-selection threshold 100
dynamic-channel-selection samples 20
off-channel-scan dwell-time 50
auto-rf chan-hold-time 120
auto-rf packet-error-rate-threshold 30
auto-rf channel-utilization-threshold 25
mesh-xtnded-dev-list
wmm-parameters downstream txoplimit vi 3008
wmm-parameters downstream txoplimit vo 1504
wmm-parameters upstream txoplimit vi 3008
wmm-parameters upstream txoplimit vo 1504
!
wireless wlan 1
ssid v5
no shutdown
vlan 5
security wpa2-psk
no protected-mgmt-frames
passphrase $crypt$1$UPOgD8jDUyHxZnqF2NTpkFqIDDB9LbuJ
band 2.4GHz
dtim-interval 1
allow-tkip
max-associated-client 127
client-cache cnMaestro
tunnel-mode
mac-authentication policy deny
passpoint interworking access-network-type private
no guest-access
dhcp-option82
dhcp-option82 circuit-id vlanid
dhcp-option82 remote-id vlanid
!
wireless wlan 2
ssid v15
no shutdown
vlan 15
security wpa2-psk
no protected-mgmt-frames
passphrase $crypt$1$G67aNNOTPGS/i9IvxBTZrQECrD36p4pK
band 2.4GHz
dtim-interval 1
max-associated-client 127
client-cache cnMaestro
tunnel-mode
mac-authentication policy deny
passpoint interworking access-network-type private
no guest-access
dhcp-option82
dhcp-option82 circuit-id vlanid
dhcp-option82 remote-id vlanid
!
interface eth 1
switchport mode access
switchport access vlan 1
!
interface vlan 1
ip nat inside
ip address zeroconf
management-access all
ip address 192.168.88.228 255.255.255.0
!
interface vlan 5
ip nat inside
management-access all
ip address 10.0.5.228 255.255.255.0
!
interface vlan 15
ip nat inside
management-access all
ip address 10.0.15.228 255.255.255.0
!
ntp server pool.ntp.org
tunnel encapsulation l2gre
!
tunnel l2gre
remote-host 192.168.88.11
dscp 0
mtu 1500
no tcp-mss
!
ip route default 192.168.88.1
ip name-server 1.1.1.1
ip name-server 9.9.9.9
ip domain-name ngtrain.com
!
timezone Asia/Jakarta
hostname E410-97ACF5
no snmp-server
ip gw-source-precedence static 1
ip gw-source-precedence dhcpc 2
ip gw-source-precedence pppoe 3
logging syslog 7
MIKROTIK
/interface bridge
add name=bridgeL2GRE
/interface gre
add clamp-tcp-mss=no mtu=1500 name=gre-tunnel1 remote-address=192.168.88.228
/interface vlan
add interface=bridgeL2GRE name=vlan5 vlan-id=5
add interface=bridgeL2GRE name=vlan15 vlan-id=15
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=poolv5 ranges=10.0.5.101-10.0.5.200
add name=poolv15 ranges=10.0.15.101-10.0.15.200
/ip dhcp-server
add address-pool=poolv5 disabled=no interface=vlan5 name=dhcp1
add address-pool=poolv15 disabled=no interface=vlan15 name=dhcp2
/ppp profile
add bridge=bridgeL2GRE name=pppBridging
/interface bridge port
add bridge=bridgeL2GRE interface=vlan5
add bridge=bridgeL2GRE interface=vlan15
add bridge=bridgeL2GRE interface=ether2
/interface l2tp-server server
set default-profile=pppBridging enabled=yes max-mru=1500 max-mtu=1500
/ip address
add address=192.168.88.11/24 interface=ether1 network=192.168.88.0
add address=10.0.15.1/24 interface=vlan15 network=10.0.15.0
add address=10.0.5.1/24 interface=vlan5 network=10.0.5.0
/ip dhcp-server network
add address=10.0.5.0/24 gateway=10.0.5.1
add address=10.0.15.0/24 gateway=10.0.15.1
/ip dns
set servers=1.1.1.1,9.9.9.9
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
/ip firewall nat
add action=masquerade chain=srcnat
/ip route
add distance=1 gateway=192.168.88.1