Multiple Networks over a wireless link using Ubiquti NanoStations &

Mikrotik Routerboards
Scenario:
You have multiple different networks on different subnets (lets say an IP Phone system and your internal data
network and a security camera network), and you wish to send these over a wireless link.
Equipment were using:
2x Ubiquti NanoStation M5
2x Mikrotik RB750
For ease, lets says that the IP ranges were using are as follows (and at the same time, lets make up some
VLANs to go with it)
Internal Network 192.168.10.0/24 VLAN 10
Phone Network 192.168.20.0/24 VLAN 20
Camera Network 192.168.30.0/24 VLAN 30
For Management IP's
RB750 - Main - 192.168.10.254
NanoStation Main- 192.168.10.253
NanoStation Remote- 192.168.10.252
RB750 - Remote - 192.168.10.251

Network Diagram:
For the main RB750:
/system identity
set name=RTR-MAIN
# Here we will make the bridges for our 3 networks
/interface bridge
add disabled=no name=10-Data-Bridge
add disabled=no name=20-Phone-Bridge
add disabled=no name=30-Security-Bridge
# Lets make the VLAN's that will look after each of the networks
/interface vlan
add disabled=no interface=ether5 name=ether5.10 vlan-id=10
http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

add disabled=no interface=ether5 name=ether5.20 vlan-id=20

add disabled=no interface=ether5 name=ether5.30 vlan-id=30
# We will add the ports that the networks come in on, and also the new VLAN's into
the bridges
/interface bridge port
add bridge=10-Data-Bridge disabled=no interface=ether1
add bridge=20-Phone-Bridge disabled=no interface=ether2
add bridge=30-Security-Bridge disabled=no interface=ether3
add bridge=10-Data-Bridge disabled=no interface=ether5.10
add bridge=20-Phone-Bridge disabled=no interface=ether5.20
add bridge=30-Security-Bridge disabled=no interface=ether5.30
# And add a management IP address
/ip address
add address=192.168.10.254/24 disabled=no interface=10-Data-Bridge
network=192.168.10.0
On the NanoStation M5:
Set the mode to Station and enable WDS and add some security
Next go to the network tab, and choose Advanced configuration mode. Enter in the management IP address

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

In the VLAN Network options, Add the VLAN for each LAN and WAN interfaces. Once you've done this, make a
bridge for each VLAN and add the LAN and WAN interface for each.
Make sure in the Management Network Settings, The Management Interface selected is the one that you are
using for your management VLAN.

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

On the Remote NanoStation:

On the wireless tab, set the mode to Access Point and enable WDS and add some security

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

On the network tab, add your management IP address

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

And add your VLAN's, create some bridges and add the interfaces to them, like we did on the first one. Don't
forget to ensure that the Management interface is the bridge that has your management IP on it (VLAN 10)

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

Lets make sure the link is working before proceeding (Hurrah!)

So coming out of the Remote NanoStation M5's ethernet port, we should have 3x trunked VLAN's, let's configure
the remote Mikrotik RB750 to see if we have..
/system identity
set name=RTR-REMOTE
#Here we will make the bridges for our 3 networks
/interface bridge
add disabled=no name=10-Data-Bridge
add disabled=no name=20-Phone-Bridge
add disabled=no name=30-Security-Bridge
#Lets make the VLAN's
/interface vlan
add disabled=no interface=ether5 name=ether5.10 vlan-id=10
add disabled=no interface=ether5 name=ether5.20 vlan-id=20
add disabled=no interface=ether5 name=ether5.30 vlan-id=30
#Here we make sure the VLAN's coming in, go into the correct bridge, and then also
selecting what port they're to go out on
/interface bridge port
add bridge=10-Phone-Bridge disabled=no interface=ether5.10
add bridge=20-Data-Bridge disabled=no interface=ether5.20
add bridge=30-Security-Bridge disabled=no interface=ether5.30
add bridge=10-Phone-Bridge disabled=no interface=ether1
add bridge=20-Data-Bridge disabled=no interface=ether2
add bridge=30-Security-Bridge disabled=no interface=ether3
#And add a management IP address
/ip address
add address=192.168.10.251/24 disabled=no interface=10-Data-Bridge
network=192.168.10.0

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html

This should be complete! Let's see if we can ping from the remote RB750, through to the default gateway
[admin@RTR-REMOTE] > /ping 192.168.10.1
HOST
SIZE TTL TIME STATUS
192.168.10.1
56 64 4ms
sent=1 received=1 packet-loss=0% min-rtt=4ms avg-rtt=4ms max-rtt=4ms
[admin@RTR-REMOTE] > /ping 192.168.20.1
HOST
SIZE TTL TIME STATUS
192.168.20.1
56 64 9ms
sent=1 received=1 packet-loss=0% min-rtt=9ms avg-rtt=9ms max-rtt=9ms
[admin@RTR-REMOTE] > /ping 192.168.30.1
HOST
SIZE TTL TIME STATUS
192.168.30.1
56 64 9ms
sent=1 received=1 packet-loss=0% min-rtt=9ms avg-rtt=9ms max-rtt=9ms

Now if you plug a PC or a Switch into port 1 on the remote RB750, you'll get the VLAN 10 (192.168.10.0/24)
Network, and likewise for Port 2 and 3.

http://blog.gowifi.co.nz/2014/01/multiple-networks-over-wireless-link.html