Hello, I'm using hAP ax lite as an AP/router, and I'd like to bridge WAN to a specific VLAN as I want that the virtual machines in the server are directly visible to outside world. Currently I'm doing that with a 8-port gigabit managed switch, which I have basically divided into two separate switches by setting ports 1-3 as access ports for VLAN10 (WAN) and 4-8 for VLAN20 (LAN). This has worked well enough, but I'm upgrading my LAN to 2,5G, and managed switches that have more than 5 ports are pretty expensive. So I bought an Ubiquiti Flex Mini 2,5G, which has five ports. I could solve the issue by using a separate gigabit switch for the WAN side, but I figured that I could avoid having two physical devices by utilizing VLANs.
Here's a diagram of the layout. The switch is located in a metal cabinet that has the patch panel. WAN ethernet comes directly into the patch panel, and there are two cables going to each room. One room has router and device x, second room server (two NICs, one for WAN & virtual machines and one for LAN & NAS use) and third desktop and device y. I can't put the router into the metal cabinet, because then wifi wouldn't work.
Configuring the switch is straightforward enough, port 1 is trunk port and rest are access ports for respective VLANs. But how should I configure the hAP ax lite? I get that WAN should be access port for VLAN 10, one of the ports should be trunk port for VLAN10 & VLAN20 and the rest should be access ports for VLAN20. I was reading this guide, and it seems to be a bit different situation, as it's describing how to configure a switch. Apparently NAT is configured as a bridge in the router, so would simply applying instructions in that guide mess it up? Ie. should I add another bridge that simply defines the trunk and access ports, or should I modify the existing bridge config?
https://help.mikrotik.com/docs/spaces/R ... +switching
Here's a diagram of the layout. The switch is located in a metal cabinet that has the patch panel. WAN ethernet comes directly into the patch panel, and there are two cables going to each room. One room has router and device x, second room server (two NICs, one for WAN & virtual machines and one for LAN & NAS use) and third desktop and device y. I can't put the router into the metal cabinet, because then wifi wouldn't work.
Configuring the switch is straightforward enough, port 1 is trunk port and rest are access ports for respective VLANs. But how should I configure the hAP ax lite? I get that WAN should be access port for VLAN 10, one of the ports should be trunk port for VLAN10 & VLAN20 and the rest should be access ports for VLAN20. I was reading this guide, and it seems to be a bit different situation, as it's describing how to configure a switch. Apparently NAT is configured as a bridge in the router, so would simply applying instructions in that guide mess it up? Ie. should I add another bridge that simply defines the trunk and access ports, or should I modify the existing bridge config?
https://help.mikrotik.com/docs/spaces/R ... +switching
Statistics: Posted by Mike25 — Fri Apr 18, 2025 2:31 pm