Allow Single IP Through Firewall
-
@nogbadthebad Thank you. I moved the rule up, but unfortunately that did not work. The reason I have the Time Capsule on a different VLAN is because I have one IOT device that will not connect to my Unifi AP, but will connect to the Time Capsule (wireless), so I just put it in its own little world.
Also, I did move it back over to the LAN side and it works fine.
-
@nosenseatall Are you trying to use the Time Machine software or just access your time capsule over SMB or AFP?
If the time machine is the feature you want you will need to install the AVAHI package and configure the mDNS to pass over both interfaces -- Apple's Time Machine doesn't rely on IP traffic to discover systems but mDNS (which is a blessing that it finds devices with no or wrong IPs but a curse that it cannot find anything that isn't in the same Layer 2 network).
-
@gertjan Thank you.
I don't believe there is a web interface for Time Capsules. Access is usually done through the Airport Utility.
Also, I moved it back over to the LAN side and it works fine.
-
@rcoleman-netgate Thank you - I'll give that a try.
-
@rcoleman-netgate Would this be the correct usage of the AVAHI package?
-
@nosenseatall You should select all the interfaces you want it to run on -- you only have LAN but you mentioned earlier that your TC is on VLAN_50.
-
@nosenseatall Tried creating an additional 2.4 GHz only SSID on your Unifi AP, I had similar problems with a Lyric Thermostat.
-
@nogbadthebad I tried that. I usually run it with both 2.5 & 5GHz selected. I switched it over to 2.4 only and it still won't connect.
-
@rcoleman-netgate I have corrected the interfaces to include both LAN and VLAN_50_IOT, but for some reason it still won't find the TC. I also tried adjusting my firewall rule so that it was using LAN net and VLAN_50_IOT net, and no luck with that either.
-
@nosenseatall WPA3 enabled?
-
@nogbadthebad Should I uncheck these?
-
@nosenseatall Give it a go, it could be the device doesn't support WPA3.
-
@rcoleman-netgate Any other suggestions on why the TC is not being seen on the VLAN_50_IOT side after modifying AVAHI settings? As mentioned earlier, I have the LAN and VLAN_50_IOT interfaces selected, and played with different firewall rules, but still no luck seeing the TC.
Thanks!
-
@nosenseatall What does the Firewall Log show? Anything at all? Filter by the IP addresses of the involved devices. Do a PCAP on the interfaces looking for those device IPs, etc.