Hi,

I am runing a Mikrotik(MT) router that connects via ether6 to the switch´s ether1.

In the MT there a 2 VLANS created:

-BASE-VLAN (pvid=99) > the admin client is here with ip 192.168.0.11

-TEST-VLAN (pvid=100) > a nas is here with ip 192.168.100.40

I need to acces from VASE-VLAN 192.168.0.11 to the nas 192.168.100.40.

Mikrotiks config for ether6 is Pvid=99 + Frame types=admit all.

TL-SG108PE´s config is:

Ether1 Pvid=1 (tagged)

Ether3 Pvid=100 (untagged) > The nas is connected to this port. It does get an ip 192.168.100.40.

Ether7 Pvid=99 (untagged) > The admin is connected to this port. It does get an ip 192.168.0.11.

Firewall rules are in place in the MT to allow traffic from BASE-VLAN to TEST-VLAN for the admin client (Authorized).

This is the LAN MAP:

Since I am not a network expert I cannot figure out how to setup the VLANS to allow for admin to communicate to NAS2.

My main goal was to isolate all VLANS which has been accomplished. But I need to access the web-admin-page of the nas to work on it.

I hope I can get any help on how to set this up so that it works since I think this should be possible to setup.

Rgds