Skip to content

Instantly share code, notes, and snippets.

@marfillaster

marfillaster/guide.md

Last active September 8, 2024 17:41
Show Gist options
  • Save marfillaster/bb95bce7959d150b264e54de9c496c65 to your computer and use it in GitHub Desktop.
Save marfillaster/bb95bce7959d150b264e54de9c496c65 to your computer and use it in GitHub Desktop.
Download ZIP
Ubiquiti UniFi Guest SSID on VLAN using MikroTik router hybrid port
Raw
guide.md
  • Main network on 192.168.88.0/24
  • Guest network on 172.16.0.0/24 VLAN20
  • UniFi AP is connected to a MikroTik router ether2 via DHCP assignment
  • UniFi AP can be managed on via main network
  • MikroTik initially on default configuration
/interface bridge port
add bridge=bridge interface=ether2

/interface bridge vlan
add bridge=bridge tagged=ether2,bridge vlan-ids=20
add bridge=bridge vlan-ids=1

/interface bridge set [name=bridge] protocol-mode=none vlan-filtering=yes

/interface vlan
add interface=bridge name=GUEST_VLAN20 vlan-id=20

/interface list member
add interface=GUEST_VLAN20 list=LAN

/ip address
add address=172.16.0.1/24 interface=GUEST_VLAN20 network=172.16.0.0

/ip pool
add name=pool-guest ranges=172.16.0.2-172.16.0.254

/ip dhcp-server network
add address=172.16.0.0/24 dns-server=8.8.8.8 gateway=172.16.0.1
/
/ip dhcp-server
add address-pool=pool-guest interface=GUEST_VLAN20 name=dhcp-guest

/ip firewall address-list
add address=192.168.88.0/24 list=main
add address=172.16.0.0/24 list=guest

# prevent guests from accessing main network
/ip firewall filter
add action=drop chain=forward connection-state=new dst-address-list=main in-interface=GUEST_VLAN20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment