Hello All,
I have been working in my lab to configure a pmp option for a customer that has a closed network to provide access to 2 other buildings in the area. These buildings cannot see each other but they can see our tower. The issue is that all my towers are routed and do not have any vlans configured on them.
All I need is a port based vlan to allow traffic to pass between the 2 SMs and not touch my network.
The problem is I have tried setting the sms using untagged id and all seemed to work except that the customers dhcp server was contacting my clients and allowing them to route thru their network. I do not want this to happen.
How do I need to configure my subscribers and my aps to allow a closed network to use my infrastructure?
Can you show us your configuration? If the customer’s SMs are set to a different VLAN from the rest of the network then no traffic should mix
Here is a little topology of what things look like.
MT(Mikrotik)—Switch-AP1,AP6<------>SM1 and SM2
These Are the configs for the Aps and the 2 Subscribers
AP Config
VLAN : Enabled
Always use Local VLAN Config : Enabled
Dynamic Learning : Enabled
Allow Frame Types : All Frames
VLAN Aging Timeout : 25
Management VID : 1
SM Management VID Pass-through : Enable
SM Config 1 & 2
Dynamic Learning : Enabled
Allow Frame Types : Untagged Only
VLAN Aging Timeout :25
Untagged Ingress VID : 100
Management VID : 1
SM Management VID Pass-through :Enabled
Keep in mind that the Aps have never been vlan enabled and so current subscribers are unaware of the change.
I do believe if I configure 2 vlans one for each Subscriber and tell each Subscriber to become a member of the opposing Vlan it should isolate the broadcast domain(switch) the Aps are attached to.
Does that sound correct?