LogoLogo
🇬🇧 English
🇬🇧 English
  • 💡Using this Academy
  • Getting Started
    • Creating your first venue
  • Hardware & Installation
    • Installation Guides
      • MikroTik
        • Winbox
        • WebFig
        • MikroTik Script Generator
        • VLANs & Additional APs
          • Add VLAN on MikroTik
          • Add additional APs to MikroTik
          • Whitelist a device in the guest network
          • UniFi APs and MikroTik
        • Connection Guide
      • Ubiquiti
        • Ubiquiti UniFi
        • Creating access credentials
        • Installing remote access tunnel
        • Guest network for physical ports
        • Ubiquiti UniFi Legacy
          • Overview
          • Controller configuration
            • New interface version
            • Legacy interface version
          • File upload
            • Cloud Key
            • Dream Machine
            • Software Controller
      • Ruckus
        • Ruckus ZoneDirector
        • Ruckus Unleashed
        • Ruckus Virtual SmartZone
      • Cisco
        • Cisco Catalyst
        • Cisco Meraki
        • Cisco Meraki - add Social WiFi account to your dashboard
        • Cisco WLC
      • TP-Link
        • TP-Link Omada
        • TP-Link Omada (Legacy)
      • Juniper Mist
      • Ruijie
      • Zyxel Nebula
      • OpenMesh
      • Huawei AC / FAT AP
      • Extreme Networks
        • WiNG Controller
        • Extreme Cloud IQ
      • Aruba
        • Aruba Central
        • Aruba IAP
        • Aruba Instant On
      • Alcatel-Lucent
        • OmniVista Cirrus
        • Alcatel-Lucent Express
      • Fortinet
        • FortiGate / FortiWiFi
        • FortiAP
      • Grandstream
        • Direct access
        • GWN Cloud
      • Aerohive
      • Teltonika
      • TanazaOS
      • IgniteNet
      • Cambium Networks
        • cnPilot
        • cnMaestro
      • DrayTek Vigor
      • DCN
    • Hardware FAQs
      • Recommended devices
      • Set network limits
      • How to set up session timeouts on MikroTik devices
      • Change MikroTik SSID
      • Why is there no Meraki GO integration?
      • Configure devices to make YouTube widget work
    • Setup FAQs
      • Login process
      • QR codes and Social WiFi
      • Troubleshooting
      • Setting up your first AnyDesk session
      • How to export configuration from a MikroTik device?
      • How to create HAR file on different internet browsers
      • What benefit is editable radius secret?
      • Can I charge customers for WiFi access?
      • Understanding Access Point statuses?
  • Dashboard Guides
    • Dashboard Guides
      • Location Management
        • How to add a new Project
        • How to add a new Venue
        • Duplicate a Venue design within a Project
        • What is the difference between a Project and a Venue?
        • How do I delete a Project or Venue
      • WiFi Splash Pages
        • How to add a Pre-Login Page
        • How to copy Login pages to other Venues in a Project
        • How to change the opt in slider to a button
        • Adding YouTube widget
        • Adding a countdown delay on the Pre-Login Page
        • Login button options
        • Embed Instagram posts on your Welcome Page
      • Online Reviews
        • Configuring the review system
        • Change the review redirection links
        • Where to find Google review redirection link?
        • Copy review settings to other Venues?
        • Change when a review request email is sent?
        • How to send a review reminder
        • Reply to user messages
        • Forward customer feedback to help desk systems
        • Turn off the review system?
        • TripAdvisor Review Express
        • How to change your review score style
        • Send a test review email
      • Email Marketing
        • Send an email after the first login
        • Send an email on login
        • Send an email after a visit
        • Send an email after X visits
        • Send an email if somebody hasn’t visited in so long
        • Copy emails to other Venues
        • Adding Email Attachments
        • Bulk email campaigns sending rules
        • Send emails using your own domain (address)
        • Setup your Gmail account as the email sender
        • How to set up your own SMTP server
        • Use Amazon SES to send your emails
        • Create a linked button in the email editor
      • Dashboard Users
        • Project and venue permissions
        • Adding an Admin User
      • SMS Marketing
        • Setup SMS Automation
        • USA Registration
      • How to export user data
      • Verified vs Unverified User Data
      • How to read device statistics
      • Dashboard statistics – what do they represent?
      • Adding Custom Fonts
      • How to remove a user from the Social WiFi database
      • Optional features – autologin, AP warnings and others
    • Dashboard FAQs
      • How do I delete content in the Media tab?
      • Why are the email and splash page editors different?
      • Can I import a database into Social WiFi?
      • How to ask a user for more feedback
      • How do I add more than one Pixel or Cookie to my Venue?
      • How to turn off New Feedback email notifications
      • Why do I get Access Point Warning emails?
      • How to turn off Access Point Warning email notifications
      • Can I move the "Connect to Internet" button?
      • Can I edit venue ID?
      • Can I add other review sites to my system?
      • Can I add a custom set of review emojis?
      • My data isn’t appearing in the User Data tab
      • Is the dashboard available in other languages?
      • Send a Project Report
      • Can I add other language versions?
      • My venue shows as Inactive
    • WiFi Login FAQs
      • Social Media Login
        • Can I authenticate for Facebook login via the app?
        • What data do you get from each login method?
        • Why Facebook widget is not enabled on MacBooks?
        • Can my guests like or check-in at my business?
        • Can I use Instagram login widget on my login page?
        • Can I use Google login widget on my login page?
      • Email Login
        • Turn off verification emails
        • Why are activation emails recommended?
        • How to make the email verification link compulsory
        • Why there are multiple activation emails for one user?
        • How to ask for more information on email login
      • Login Codes
        • Pre-login Code vs Login Bypass Codes?
        • Add a password unlock button on the Pre Login Page
        • How to generate Pre Login codes
        • How to generate Login Bypass codes
      • Known Issues
        • Issues with hotspot networks on Apple devices
      • How Auto Login works
      • Ask additional questions on WiFi login
      • How to collect phone numbers
      • Redirect to a webpage after login
      • I didn’t receive an email after logging in
      • How to gather feedback during the login process
  • Integrations
    • Connecting Social WiFi data
      • Integrate with Mailchimp
      • Integrate with Campaign Monitor
      • Integrate with Zapier
      • Integrate with HubSpot
      • Integrate with GetResponse
      • Integrate with Revinate
      • Integrate with Klaviyo
      • Integrate with Brevo
      • Integrate with SALESmanago
      • Integrate with Freshmail
      • Push historic data to your CRM
      • Copy Integrations to other Venues
    • Retargeting Pixels & Cookies
      • Pixels & Cookies Purpose
      • Add Facebook Pixel
      • Add TikTok Pixel
      • Add Snapchat Pixel
      • Add Google Ads Cookie
      • Copy Integrations to other Venues
  • Tips & Tricks
    • Sending surveys via WiFi with Google Forms
  • Billing
    • Invoicing & Payments
      • Can you automatically take my payments?
      • How do I cancel my service?
      • What are the payment terms?
      • How can I pay for my service?
      • When do Social WiFi send invoices?
  • Reseller Program
    • Brand Guidelines
    • White Label
      • White label configuration guide
      • White label hardware configuration guide
      • Account Management
      • Can Social WiFi be white labelled?
      • Can my company’s logo be placed in the dashboard?
Powered by GitBook
On this page
  • Run Social WiFi on a VLAN
  • Configuration from the example above to copy and paste to a terminal:
  • Deprecated method of configuring VLAN on your MikroTik router

Was this helpful?

  1. Hardware & Installation
  2. Installation Guides
  3. MikroTik
  4. VLANs & Additional APs

Add VLAN on MikroTik

PreviousVLANs & Additional APsNextAdd additional APs to MikroTik

Last updated 2 months ago

Was this helpful?

Sometimes you might want to separate your guest network from your private network. This guide will help you to set up a VLAN on your Social WiFi network, so that any Access Points connected on a particular physical interface and tagged with the same VLAN tag will relay proper packets where you want them to go.

Before you get started with this guide, you will need to configure Social WiFi service on your MikroTik router. Please refer to this guide in order to do so.

Your VLAN ID will also need to be configured on your Access Points and any switch located in between them and the MikroTik router. This setup will be different depending on your device manufacturer, model and operating system.

Run Social WiFi on a VLAN

The installation guide for MikroTik assumes that the hotspot service will be running on physical port 3, handling untagged traffic. Let's assume, that you want to instead have a hybrid port, where untagged traffic goes to default LAN network (no Social WiFi) and traffic tagged with VLAN ID 20 goes to the guest network (with Social WiFi enabled).

This article shows one of the available ways to configure a VLAN on a MikroTik device. There are at least 2 other ways to do it. "bridge vlan filtering" is the recommended one, unless you're after VLAN hardware offloading, in which case you need to consult examples specific to you MikroTik model.

Always make a backup of your configuration and download it to your computer, in case something goes wrong. Wrong VLAN configuration may cut you off from the router.

VLAN ID 20 is used an example, change the VLAN ID to the one appropriate in your case.

To add a VLAN using this method, please go to Interfaces->"+"->VLAN. Add the name, set your VLAN ID and set interface to "bridge".

Now, go to Bridge -> VLANs -> "+" and configure the VLAN filtering as follows:

Bridge
bridge

VLAN IDs

20

Tagged

bridge, ether3

Adding "bridge" as tagged interface is important, it makes DHCP server and other CPU-related services work. More on that topic here: https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching#BridgingandSwitching-TaggedaccesswithVLANfiltering

Now, go to IP->Addresses, IP->DHCP-Server, IP->Hotspot and change interfaces from "sw" to "vlan20" for every single window opened as follows:

Now, go to Bridge->Ports and change "ether3" bridge from "sw" to "bridge":

If you're connecting through the MAC Address, keep in mind that you'll get kicked out from the WinBox after the next two changes. Just reconnect shortly after.

Now, go back to Bridge(1.) and turn on bridge VLAN filtering for "bridge" as follows. Make sure to leave "PVID" at 1.

Everything should be working by now. The last thing left to do is to delete the "sw" bridge, to do that go to the Interfaces->Interface, select the "sw" bridge and press X (3.).

Configuration from the example above to copy and paste to a terminal:

/interface vlan add interface=bridge name=vlan20 vlan-id=20
/interface bridge vlan add bridge=bridge tagged=bridge,ether3 vlan-ids=20
/ip address set [find interface=sw] interface=vlan20
/ip hotspot set [find interface=sw] interface=vlan20
/ip dhcp-server set [find interface=sw] interface=vlan20
/interface bridge port set [find interface=ether3] bridge=bridge
/interface bridge set bridge vlan-filtering=yes
/interface bridge remove sw

Deprecated method of configuring VLAN on your MikroTik router

This method is simpler, but no longer recommended, due to possible issues in more complex networks. See: https://help.mikrotik.com/docs/display/ROS/Layer2+misconfiguration#Layer2misconfiguration-VLANinabridgewithaphysicalinterface

Interfaces -> Add -> VLAN

Name
[your desired name]

VLAN ID

[your VLAN ID]

Interface

[interface on which your APs are connected]

Bridge -> Ports -> Add

Interface

[choose the VLAN you created]

Bridge

sw

OK

If your AP is connected on the port you configured (in this case, ethernet port 3) and has properly set VLAN tagging, then you should be free to enjoy Social WiFi service without impacting your main network!