When I received my new router (a MikroTik Cloud Router Switch CRS109-8G-1S-2HnD-IN), I was surprised and disappointed to find that even though it had two external antennas for wireless receiving and transmitting, the range of the wireless signal was considerably less than that of my previous router (a MikroTik RB751U-2HnD). Despite this, every other function of the router was great, including switching and routing at gigabit speeds (compared to my last router’s Fast Ethernet speeds).
Because of this, I decided I would re-purpose my old router to be a stand-alone access point (AP) for my network. This would not only increase signal strength but allow me to move my access point away from my other equipment, reducing interference. It would also allow me to position the access point in a location closer to the center of the house to ensure more even coverage.
In order to do this, I first set up a local network on the AP router specifically to use for management in case of an issue with the rest of the network or any other issues. After doing this, I set up a network on my router specifically to use for remote management of the AP from the rest of the network (how I would be managing it most of the time). Since I only needed two host IP addresses (one for the router and one for the AP), I used a /30 network. After this, I enabled remote management and allowed connections through to the AP. Once I verified this was working, I shut down the AP so I could move it to its new location.
Once I finished setting up the AP in its new location, I booted it and was able to connect to its management interface from the admin network. Once I opened the management interface, I created a few new VLANs to allow data to be passed from multiple virtual access points to their respective networks. These VLANs were configured with IDs 50, 51, and 52. Their designated purposes were the main network, the admin network, and the guest network respectively. After creating these VLANs on both the router and AP, I set up trunking between the router and the AP. This ensured that VLAN traffic could be properly transferred and interpreted by both endpoints.
At this point, I had to configure virtual access points that would run on the AP (guest, admin, main). To do this, I disabled connection to the main wireless interface and instead created multiple virtual access points on this interface. I also configured appropriate security profiles using the same information the other router’s wireless configuration had to ensure users could connect without having to change their connection information.
On the AP, I bridged each VLAN to its corresponding virtual access point to ensure data sent and received from the virtual access point was transferred to the proper VLAN back at the router. At this point, the AP and the router could pass VLAN information over the trunk cable from the appropriate virtual access point, but devices would not be able to connect because no networking had been configured at the router.
Getting networking up and running was a fairly straightforward process, since I had most of the networking configured previously from when I used the router’s built-in wireless interface. All I had to do was move the DHCP servers configured on the router and their corresponding networks to the proper VLAN with the exception of the admin network. In that case, I simply joined the VLAN to the bridge I previously used to join the built in wireless interface and the wired interfaces.
Once I was finished with that, I tested each wireless network to make sure IPs were being assigned properly and there was internet connectivity. After that, I made a backup of the configuration of both the router and the AP and enabled email alerts on the AP. To get an idea of what my network looks like, see below: