Fórum Root.cz
Hlavní témata => Sítě => Téma založeno: darebacik 05. 12. 2025, 13:05:51
-
Mam hl. Mikrotik L009UiGS-2HaxD. Z neho su napojene 2x AP
1x MikroTik RbcAPGi-5acD2nD
1x MikroTik RBcAPGi-5acD2nD-XLMam tam VLAN pre 2 siete
192.168.150.0/24
192.168.20.0/24Ak som mal napojene jedno AP tak wifi fungovalo na oboch sietach, nesledoval som log, lebo som nemal dovod. Ked som pridal druhe AP, tak sa zda, ze je problem s iphonom. V logu vidim vela warningov
dhcp2 assigned 192.168.20.105 for XX:CB:XX:38:2F:XX iPhone
dhcp2 deassigned 192.168.20.105 for XX:CB:XX:38:2F:XX iPhone
dhcp2 offering lease 192.168.20.105 for XX:CB:XX:38:2F:XX without success
Cital som niekde na mikrotik fore, ze problem s AP od mikrotiku a iphony sa nejak nemaju radi a to je dlhodoby problem, ale teraz som mal hlasene, ze uz ani android sa nevie pripojit.
Nema s tym niekto podobne skusenosti ?
-
jako začátek troubleshootingu - jak je v iphone nastavená wifi - je tam položka "Private Wi-Fi Address", zkus jí přepnout na rotating pokud není
-
Problem je, ze tam nie som fyzicky :(
Ale mam configy oboch AP. Ak by to pomohlo mohol by som ich sem dat. Za dalsie sa doslo k tomu, ze ked sa jedno AP odpoji, tak neni problem. Je mozne, ze tie AP sa nejaky biju :)
-
Kdysi se tvrdilo že iphony zlobí když je v provozu short preamble ...
-
Ak by to pomohlo mohol by som ich sem dat. Za dalsie sa doslo k tomu, ze ked sa jedno AP odpoji, tak neni problem. Je mozne, ze tie AP sa nejaky biju :)
Tak je pošli, protože bez toho asi nikdo neporadí. Verze ROS? Je tam CAPsMAN (bez něj nebude fungovat roaming mezi více AP)?
-
Ja mam len info od cloveka, ktory sa na siet napajal s iphonom a testoval ju.
Ja osobne to budem testovat az v tyzdni, takze budem vediet viac.
Co sa tyka nastavenie AP. Tak je to bez capsman (moc zlozite na mna) a nakoniec su tam len 2 AP a menit sa tam toho vela nebude.
Konfiguracie oboch AP
AP1
/interface bridge
add name=bridge-LAN vlan-filtering=yes
/interface vlan
add interface=ether1 name=vlan20 vlan-id=20
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=host-security supplicant-identity=MikroTik wpa2-pre-shared-key=xxxxxxxxxxxxxxx
add authentication-types=wpa2-psk mode=dynamic-keys name=guest-security supplicant-identity=MikroTik wpa2-pre-shared-key=xxxxxxxxxxxxxx
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX country=slovakia disabled=no mode=ap-bridge security-profile=host-security ssid=personal_wifi_2.4
add disabled=no mac-address=XX:XX:XX:XX:XX:XX master-interface=wlan1 name=wlan1-guest security-profile=guest-security ssid=hostia_wifi_2.4
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX country=slovakia disabled=no mode=ap-bridge security-profile=host-security ssid=personal_wifi_5
add disabled=no mac-address=YY:YY:YY:YY:YY:YY master-interface=wlan2 name=wlan2-guest security-profile=guest-security ssid=hostia_wifi_5
/interface bridge port
add bridge=bridge-LAN interface=ether1
add bridge=bridge-LAN interface=wlan1
add bridge=bridge-LAN interface=wlan2
add bridge=bridge-LAN interface=vlan20 pvid=20
add bridge=bridge-LAN interface=wlan1-guest pvid=20
add bridge=bridge-LAN interface=wlan2-guest pvid=20
/interface bridge vlan
add bridge=bridge-LAN tagged=ether1 untagged=wlan1,wlan2 vlan-ids=1
add bridge=bridge-LAN tagged=ether1 untagged=wlan1-guest,wlan2-guest vlan-ids=20
/ip address
add address=192.168.150.5/24 interface=bridge-LAN network=192.168.150.0
/ip route
add distance=1 gateway=192.168.150.1
/system identity
set name=ap_1_xx
AP2
/interface bridge
add name=bridge-LAN vlan-filtering=yes
/interface vlan
add interface=ether1 name=vlan20 vlan-id=20
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=host-security supplicant-identity=MikroTik wpa2-pre-shared-key=xxxxxxxxxxxxxxx
add authentication-types=wpa2-psk mode=dynamic-keys name=guest-security supplicant-identity=MikroTik wpa2-pre-shared-key=xxxxxxxxxxxxxxx
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX country=slovakia disabled=no frequency=2462 mode=ap-bridge \
security-profile=host-security ssid=personal_wifi_2.4
add disabled=no mac-address=ZZ:ZZ:ZZ:ZZ:ZZ:ZZ master-interface=wlan1 name=wlan1-guest security-profile=guest-security ssid=hostia_wifi_2.4
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX country=slovakia disabled=no frequency=5240 mode=ap-bridge \
security-profile=host-security ssid=personal_wifi_5
add disabled=no mac-address=AA:AA:AA:AA:AA:AA master-interface=wlan2 name=wlan2-guest security-profile=guest-security ssid=hostia_wifi_5
/interface bridge port
add bridge=bridge-LAN interface=ether1
add bridge=bridge-LAN interface=wlan1
add bridge=bridge-LAN interface=wlan2
add bridge=bridge-LAN interface=vlan20 pvid=20
add bridge=bridge-LAN interface=wlan1-guest pvid=20
add bridge=bridge-LAN interface=wlan2-guest pvid=20
/interface bridge vlan
add bridge=bridge-LAN tagged=ether1 untagged=wlan1,wlan2 vlan-ids=1
add bridge=bridge-LAN tagged=ether1 untagged=wlan1-guest,wlan2-guest vlan-ids=20
/ip address
add address=192.168.150.6/24 interface=bridge-LAN network=192.168.150.0
/ip route
add distance=1 gateway=192.168.150.1
/system identity
set name=ap_2_xx
V principe konfiguracie su velmi podobne. Rovnake su SSID a wifi hesla pre obe siete.
Rozdielne su system identity, IP adresy pre AP, 192.168.150.5, resp. 192.168.150.6 a kanaly pre wifi (AP1 2GHz - 2412 MHz pre 5GHz - 5180MHz) - (AP2 2GHz - 2462MHz pre 5GHz - 5240MHz).
Preco myslite, ze roaming nebude fungovat ak to nebude riadene pomocou capsman ?
-
Preco myslite, ze roaming nebude fungovat ak to nebude riadene pomocou capsman ?
Bez CAPsMANa bude 802.11r fungovat jen mezi jeho vlastními rádii (takže v tomto případě pásmy 2.4/5GHz v rámci jednoho AP). Viz. dokumentace (https://help.mikrotik.com/docs/spaces/ROS/pages/224559120/WiFi):
"For a client device to successfully roam between 2 APs, the APs need to be managed by the same instance of RouterOS. For information on how to centrally manage multiple APs, see CAPsMAN"
-
Taky to podle configu to vypadá, že používáte starý driver wireless (https://help.mikrotik.com/docs/spaces/ROS/pages/8978446/Wireless+Interface) a navíc máte různé SSID pro 2.4/5GHz, takže 802.11r/k/v fungovat nebude. Musí se použít driver wifi-qcom-ac (https://help.mikrotik.com/docs/spaces/ROS/pages/224559120/WiFi#WiFi-Replacing'wireless'package), pokud tyto funkce chcete. Zda to řeší i popsaný problém nevím.
-
V té konfiguraci je více problémů:
- není třeba vytvářet vlan interface pro 20 vlanu, v rámci OS samotného AP s ní vůbec nepracuješ, takže není potřeba jej do sytému vůbec přivádět. Pokud by ta potřeba byla (např. pro debuging), pak se vytváří nad bridge interface a nikoliv nad ether1, který je součástí bridge
- v rámci bridge portů nemá vůbec figurovat vlan interface, pouze ether1 a všechny 4 wlany
- opravdu posíláš do AP z routeru obě VLANy (1 i 20) tagovaně?
Jak už zmínil uživatel přede mnou, používáš starý wifi driver na AP, kde nefunguje podpora pro fast roaming, v případě fast roamingu mezi rádii v rámci AP jsou nutné novější ovladače wifi-qcom-ac, pro funkční fast roaming mezi AP pak je nutná centrální správa - CAPsMAN.
-
Riesil som to z AI a poziadavky boli 2 oddelene siete (napr. personal a hostia). Najlepsie rozhodnutie bolo vytvorit VLAN.
V budove je jeden hlavny MK na ktorom je zdroj internetu a 2 AP. Kedze capsman sa mi zdal dost zlozity, tak som vytvoril (ako som uz spominal vyssie).
Kladne mozem jednu siet 5GHz, alebo 2.4GHz vynut a pouzit len jednu siet, lebo signal z tych AP sa siri velmi biedne. Avsak nechal som zatial obe pasma zpnute.
Spravil som to tak, ze su tam vlastne 4 WLAN
Siet 2.4GHz a 5GHz pre hosti
Siet 2.4GHz a 5GHz pre pesonal
Su nastavene identicky a ako som pisal zmenene su len system identity, IP adresy pre AP, 192.168.150.5, resp. 192.168.150.6 a kanaly pre wifi ab sa neprekryvali.
Predpokladal som, ze to bude fungovat. Ono to sice funguje, ale nie dobre.
Takto asi vyzera hlavny MK
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=xxx
/interface wireguard
add comment=wg_server_linux listen-port=51832 mtu=1420 name=wireguard1
/interface vlan
add interface=bridge1 name=vlan_20 vlan-id=20
/interface list
add name=LAN
/ip pool
add name=dhcp_pool0 ranges=192.168.0.2-192.168.0.254
add name=dhcp_pool1 ranges=192.168.150.100-192.168.150.254
add name=pool_vlan_20 ranges=192.168.20.10-192.168.20.100
add name=dhcp_pool3 ranges=192.168.20.100-192.168.20.200
/ip dhcp-server
add address-pool=dhcp_pool1 interface=bridge1 name=dhcp1
add address-pool=dhcp_pool3 interface=vlan_20 name=dhcp2
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether8
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether7 vlan-ids=20
/interface list member
add interface=bridge1 list=LAN
/interface wireguard peers
add allowed-address=0.0.0.0/0 comment=wg_client endpoint-address=wireg.net endpoint-port=51832 interface=wireguard1 name=peer2 persistent-keepalive=25s preshared-key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=" public-key=\
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx="
/ip address
add address=192.168.150.1/24 interface=bridge1 network=192.168.150.0
add address=10.10.5.3/24 interface=wireguard1 network=10.10.5.0
add address=192.168.20.1/24 interface=vlan_20 network=192.168.20.0
/ip cloud
set update-time=no
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=192.168.20.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.20.1
add address=192.168.150.0/24 dns-server=192.168.150.1 gateway=192.168.150.1
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=accept chain=input comment="accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=forward comment=BLOKUJ_GUEST_TO_PERSONAL dst-address=192.168.150.0/24 src-address=192.168.20.0/24
add action=accept chain=input comment="Allow WireGuard management" disabled=yes in-interface=wireguard1
add action=accept chain=forward comment="Allow WG access to LAN" disabled=yes in-interface=wireguard1
add action=drop chain=input comment="drop invalid" connection-state=invalid
add action=accept chain=input comment="accept ICMP" in-interface=pppoe-out1 protocol=icmp
add action=accept chain=input comment="allow Winbox" in-interface=pppoe-out1 port=8291 protocol=tcp
add action=accept chain=input comment="allow SSH" in-interface=pppoe-out1 port=22 protocol=tcp
add action=drop chain=input comment="block everything else" in-interface=pppoe-out1
add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
/system clock
set time-zone-autodetect=no time-zone-name=Europe/Bratislava
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp client servers
add address=0.sk.pool.ntp.org
add address=1.sk.pool.ntp.org
/system routerboard settings
set enter-setup-on=delete-key
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
-
Prave som sa docital, ze ak chcem pouzit capsman, tak musim aktualizvat AP z ROS 6.49.19 na ROS 7.
Na hl. Mikrotik L009UiGS-2HaxD mam ROS 7.16.2.
Bohuzial na dialku nechcem riskovat.
Zacina sa mi to trochu komplikovat :(
-
Jak psal @5nik, tak konfigurace VLANů je podivná. Co takhle nějakej obrázek/popis, co je kam zapojeno? Kde je připojeno druhé AP?
/interface bridge add name=bridge1 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 interface=ether2
...
add bridge=bridge1 interface=ether8
/interface bridge vlan add bridge=bridge1 tagged=bridge1,ether7 vlan-ids=20
Pokud to chápu správně, tak ether7 je hybridní port s untagged VLAN1 (default) a tagged VLAN20. Ostatní jsou untagged VLAN1 (default), ale default politika je admit-all, takže na vstupu berou vše a na výstupu projde jen VLAN1(?). Takže jedno APčko je asi na ether7 a druhé kde?
Na straně konfigu APčka je nedoporučovaná VLAN in a bridge with a physical interface (https://help.mikrotik.com/docs/spaces/ROS/pages/19136718/Layer2+misconfiguration#Layer2misconfiguration-VLANinabridgewithaphysicalinterface). Ještě k tomu je interface VLAN20 postavený nad ETHER1 přidaný do stejného bridge jako ETHER1 (smyčka??):
/interface vlan add interface=ETHER1 name=VLAN20 vlan-id=20 !!!!!
/interface bridge port
add bridge=bridge-LAN interface=ETHER1 !!!!!
add bridge=bridge-LAN interface=wlan1
add bridge=bridge-LAN interface=wlan2
add bridge=bridge-LAN interface=VLAN20 pvid=20 !!!!!
add bridge=bridge-LAN interface=wlan1-guest pvid=20
add bridge=bridge-LAN interface=wlan2-guest pvid=20
/interface bridge vlan
add bridge=bridge-LAN tagged=ether1 untagged=wlan1,wlan2 vlan-ids=1
add bridge=bridge-LAN tagged=ether1 untagged=wlan1-guest,wlan2-guest vlan-ids=20
Souhlasím s @5nik, že VLAN20 interface tam není potřeba. Osobně bych se vyhnul defaultní VLAN1 a striktně používal frame-types=admit-only-vlan-tagged pro trunk a frame-types=admit-only-untagged-and-priority-tagged pro access porty.
-
Ospravedlnujem sa, ale ono je to trocha inak. Nepisal som na zaciatku, ze to ide cez poe switch ...
Tu som skreslil ako je to zapojene (https://viewer.diagrams.net/?tags=%7B%7D&lightbox=1&highlight=0000ff&layers=1&nav=1&dark=auto#R%3Cmxfile%3E%3Cdiagram%20name%3D%22Page-1%22%20id%3D%22GfZMh4sfOhnpBmxrZTqW%22%3E7V1bd9q6Ev41WWvvB1jWzZfHXEnPabuzmra75%2BksF5zgFYI5hjRk%2F%2Fojgw1YMthQzwQpSR8KQgjzfTNjfaOROGHnj%2FNeGk6Gn5JBNDqhzmB%2Bwi5OKCXEJ%2FK%2FrOVl2eIysWy4T%2BPBsslZN9zG%2F0T5O4vWp3gQTfO2ZdMsSUazeFJu7CfjcdSfldrCNE2ey93uktGg1DAJ7yOt4bYfjvTWv%2BPBbFh8LzdYv3AdxffD%2FKN96i1feAyLzvk3mQ7DQfK80cQuT9h5miSz5aPH%2BXk0ysAr43K15dXVhaXReNbkDd8%2FXLkv32%2B%2FpTGfOtej%2BXzg%2F7dTMUreNJ29FBikydN4EGXDOCfs7HkYz6LbSdjPXn2WrMu24exxJJ8R%2BfAuHo3Ok1GSyufjZCw7nS0H%2FBWOnvIB84YonUXzjQ%2FNr7sXJY%2FRLH2RXYYbyBY4Pq9pYHlTPkgQdGluXbm1ET%2FvEeZmcL8ae42UfJCDtQdwtAlw8uvJ186mszR5iBRQwlF8P5ZP%2B%2FL9UVoN3AasGVixNMvT%2FG2P8WCQfUwlHWXCNPg%2FxQ9pMosfZOtHxwm%2Bxb3bDr0O5xcH8UJcjRfCRYkYXyOGEyhiWBNi5DgygGyDbwP2cDpZRpW7eJ4BCmfeRDdvUjZv7pCuV4ZRFLC2DiO3OzCs3tQ6cMIm4AhHDKmu5cjB2ZxnFXKYt3HfcuTgbC6wCTmKGeeK27q10MEZHbFKr6AKFtJIsRgMHaDVNdIUpkDHUGOdVTqiAjpAq7NKSTDUWGeVlKiADtDqrNISHDXWWSUmKqADtDqr1ARHTURbpSYqoIOzuqo1FHOhE5ixrvgW1kIHaHVWqQmBGuusUhMV0AFanVVqwkWNdVapiQroAK0ORU2U19dPKLu6cuQf6rSFlRBlhQJtH1EUkaEh6jivjagAQ9Qq7eFSzb3hoGNWaQ%2FhYZkcs0p46NMYznwo5KzSHcTXKnoAobNLd3CGhZtVooNUFZGB1eJZJTpYgAmd2aKDKtA5PhZujRTHkRbmkoPgr6gcparTc10uQ1WOskYK5UgZOMwBDmKAgtXuskaK5kgZYFAMiPKEAc4BeCNVdKTwcyT44ayfNxJXRwq%2FAIKfOmjW30ihHSn8LhL8gNbfSOUdKfweFPx4sb%2BRWDxS%2BH0k%2BAGtv5HgPFL4AyD4GebsnzfSrUfKQIElAAVoHmC0%2FoUSwEyILpoHmKx%2Fi10CCAwA%2BoDJ%2BpdACWCOeRsQJmtgAiWCKyiA8wJhsg4mUEKYo0kBYbIQJlBKmAtMFzBZDBMoNSz0JUBALzBZEBMoRSxQbwQmi2ICpYqFHogAvcBkVUyhVHEFBYBeYLIwBlsZdlFFgcnKmEIp4woKAL3AZGkMtjbsYt4LXJOlMdj6cAUFcF7g2lV%2FW66tgtt74DZStKbCBlbt7VpVeEs4mrnZVXir4gZnb1ZV3RK88GZ2yW0dbnD2ZtWRIRQvvll1XoiGG5y9WbVhD2%2F65lm1Ww9v%2FuZZpRYYWnzzrJILGm5w9maVXmB48c0qvaDhBmdvKHqh4pAGJv8QEeV4kQ9FSRwhonA2avLqDdy2PuXAguKT2off6JUbLPhdMPhNXrWB29CnlbHAOYDfSDsdKQNwe%2Fp0BsB8wG%2Bkwo6UAbhtfZg%2B0EjPHSkDcDv7MH3A5HpGuM19mD5gcjkj1v4%2BQAcwuZQRbn8flgzwTS5jBNzch3kLMFoIw%2B3v06qHAL3AZDEMuMFPpwDOC0wWxIA7%2FLBuBIHJchhwex%2FWPCgwWQwD7u1DVAKByWoYcHsfmgtYtUpKGeJJsIFVC6U0wDoJNrCqsJKhnaAbWFVYyfDszarCSo5nb6%2FwGwmjDIrOIEwf%2FjihLIqIl%2B3fltfvZE8H2b8%2FMcHGM1KTpRiUGJbzHu12Xpg%2FwO9Jm6zGoMQwDVApMFmQQelhxlEpMFmQQUlihusFJq9PgkliXC8weYESaom44ldFISmwSiYS4SgH98H9eANxrFKK1MGEziqxSFGtzuQFPSgJQ7QDOwXYeQzEMVlEgikY%2FWAYQAqIySISSsFQfVEbkgKTRSTcJgdt%2BgxJgckiEowCv7zNB3DuTExWkGCnRXI8%2FE2WjyfUHWXXdZfIS9%2B8YPd%2FT0nxQmca%2FyNbT2UH4kzmi3GK1%2BWj%2B%2Bz%2Fm%2BRSvvzhczGgxHI55vLltmjmXjHDKoZhCtFgWXtCTK6kbY3o26sbYI7rf34T0ptNrtdtjWQ%2Bl6%2F2zuIZtDsrURt13mJyWXBrTNOM6e%2FJB%2BnUzpd%2FZdNpUMJddyUOtpTiCwHn2yYnLdoL4Bl6pzfn%2BEx7WnoEkGuT0yOtcU3czL0XczPYOF5mWilbYQzqjANCTU7BLOfM0%2Bd41h%2FKBxe3HXZJGPFvOpcfDmPG1ZghokyNr%2F2mUACWJKYmJ2e%2B3nyMxw%2By7evHzm2POIcmzCooIWw1zSlYKYsYIuA4MTlb04NK13D15CCwGnhCTU7X9CgYAdpyM1wdPKHvKRv5%2FzdoIU%2B1KaCUc108lt%2FzNa%2FFMl40fU%2FXFCIePjEnlGxNoG9fBZzpm5yu6ZHOVVssMMXZPLXsAzKkmpxB6VEwElyqZS4hWchzG9HgPipxsJuWaDw4TdPkuRLo2lBVB1IRHNJoFM7iX%2BULqwgiVbDkn3CTxIuAWMwNqbYAIGjQ9RV8p8lT2o%2Fy964h1oYTonx3Eky5olmY3kczbaAFV6sv%2Fxv0MZNzFq3ds67in%2FLSqfPXRF4b8I3LF92i1H2VoVKMgICtMzBis7fKawxfNjpMMreZbndm9TcWeH5M4DZvVZd39%2BsuarqvlgSq%2B2eJ8sX3a%2FhdXAWtpiFJuwyOHZIaZYWOthJW20RTccMAy6gx9u7fa%2BzV37Tgzm4PpL%2FVnXo1%2Fs1%2Bsz%2FZL37s3d%2FZJ95o2Kpq69B4s7pnosWbRgk4OVI8mW6bqGy4SzidRP1smLt4nnkNXPApjjDZcKGiaZXK1%2FRYcQooQOyxIcU1iH9VziSzy%2B7k13e66BGms8q5pDIpvVtexbrfX5NoLNtvw%2FF0ucH8Ohr9irIvIh9%2FjuQFqa3Z09M0DkfLh1P5zs40SuO7zQ93%2BquD5NeNjNLlL59uu8jpJBw3mjnTLTPn66fwOYrzqfOPDBX5%2BLLny7n29S%2B3k%2Fnyaja9%2FLDyBWiT7FXzgomWs4MO7dasQPIALGnEbEgPbjWY3PwyY0nvf%2F6RBdXMWNf%2FL49PcBaGdRc%2BxqOXZW85RPiYXUGVf5RfKg5kKLfq%2FlP1rkb%2BtLjC7a7u%2FAz7D%2FcLpDrK96XZ0nY22uaDPxsEiGXbp%2FghTb7G2RLvl5%2F905te3BFh%2F4KOL%2BodpexW7XgKUdaEXZ9pjkK7vhOs%2F%2BA0q1U74wKm3pI5AasSZo1SpKZA5weY0JlcswVVmuBXHEdAWdfZ%2FAO7fxZ5CCMZOcwn6hkJmDaDwSOkWW7BROHkeT6ecOJmJ7zUKE1V6ACjNLfqFEnPx4TO5LojqBucF%2FBXvMGZnECBusH5TFMeeITkI8Nl0%2BUo6cuP7In8kvnT%2F%2BQ9F08u5ps9L17yZ3W%2FHbjMmTaJnGZk8rnLy3djQTbp1furVf979q9L%2FXvqUuC%2B%2FWvWAn2H7%2Bpfk5vX0Cok9L65ee2y1fp86Nw890z1QFP8iih2LGoMQvWTuv6qHfOd%2FQNH9RO2l92Xvw3zDrT7wPFqj%2FMGN32%2FJdMfhNPhwtzJLj94TavV8S9bGfEOrGVw1b0s6kDgJLZVHWc%2BidoIh5KoDQRNYvF5b5HEWvCNcUXRVumbgSy25Yp1cRmcQ%2Fp2OVT8h6llMoc6ojYQOIlt1ahZQKKqpw4mEVuYCf52SXR93i2OdCjwL07A3J9IfSw%2FQOZSvF0u24qqvldZDfFqlLaVuTSfUq5uqWnsms56p8Yq9axv9QGnsq0UmAVUHpwHqKDSDXbWL4HT%2BobTO74v73kbCzhqpu3AzXR11gJO6RtO9mQe5pbnMTwrBNixTreP8yoW4q5O3sTitthN9Ra5VXaWiUPnSJzWDARO4ltOASnYH5oC0kjEzsa69J3EtQOpcbBxJm%2BnXhE8QA%2BwbzgrVBsYmztnHa3IpJpcY9ba6QJfv3z7%2FG%2Fss8i5CDTJQ4SmXtsrlnJNrl5rjeu%2FT1%2F%2F1HkOVjPqghfE2VFWIxw1pbu7TIb7ar5wz%2F5idznZ6oZS3b%2BmrEZ%2BGy2UMHdn9qTx%2BTfqhamVauB3qH1O8qoKLJpZbm7lOytt5ev8%2BHhQEKCkW5QnlupklUJZj2ss%2BV7X2Ui0HHCujHyaJlmEW6Muv%2FfwUzKIsh7%2FBw%3D%3D%3C%2Fdiagram%3E%3C%2Fmxfile%3E).
Z Mikrotik L009UiGS-2HaxD port 7 to ide na PoE switch DS-3E1318P-EI (je to manazovatelny switch hikvision).
Z PoE switcha su z portov 15 a 16 zapojene 2x AP
Ano viem, ze je to zle, pretoze hik ma len 100Mbps porty, ale v racku neni miesto a ani ziadne volne zasuvky 230V, preto sa dospelo k tomu, ze AP budu napajane z PoE switcha. Udajne 100Mbps pre AP staci :(
Ano tiez viem, ze Mikrotik L009UiGS-2HaxD ma port 8 PoE Out, ale z toho by som zapojil len jedno AP.
Port 7 na Mikrotik L009UiGS-2HaxD je trunk (port 8 som teda nevyuzil a ostal ako rezerva ak by bolo potrebne nieco napajat cez PoE), ide tam bezna prevadzka a VLAN20.
Na PoE switch DS-3E1318P-EI su porty 15, 16 a G1 nastavene na PVID1 a VLAN 20.