manage AP on another subnet [Solved]
-
@johnpoz I guess that is my bad, I disabled it for a quick test but it's enabled otherwise.
I also did check my AP settings, there's a "layer 3 accessibility" but my switch is only layer 2, so I guess even enabling that, it wouldn't help. I will have to figure out how to get those source and outbound NAT rules setup.
-
@lolcakes69 said in manage AP on another subnet:
there's a "layer 3 accessibility"
Not sure what that is - but pfsense is routing at layer 3. This might have to do with allowing access from other networks other than the AP local network - what is the specific make and model of this AP. I should be able to take a look at the manual and see what exactly they mean by that statement.
If I had to "guess" you would have to provide the IP(s) that can access it, or the cidr block that can, etc. like 192.168.1.0/24
-
@johnpoz it is a TP-Link EAP225. oh yeah that's right, that went straight over my head - my AP isn't even connected to my switch lol idk why I said that. I have the AP set to 192.168.1.2
-
@lolcakes69 those are meant to be managed by a controller, do you not run the controller? If your trying to manage it via the web gui and not a controller.. I believe that has limited functionality..
I looked for emulator of that model but could only find like the 610.. Could you post up a screen shot of where your seeing that.
-
@johnpoz it's in this menu here
-
i can all of a sudden access it now? I've had that setting enabled since I found it but wasn't able to access it until now. I don't even know if I did anything different. But it works now? So I guess that's good?
-
@lolcakes69 well per this thread - sure seems like that is what allows access from other network
https://community.tp-link.com/en/business/forum/topic/229318
So your trying to access from lan with say https://192.168.1.2:10443
What I would do if not working with your wide open lan rule.. Is sniff on the guest interface on pfsense (packet capture under diagnostics) on that IP and port.. While you try and access from your lan. If you see the traffic go out, and no response then the problem is with the AP.
edit:
Oh so its working now - great!! Maybe that setting didn't take effect, did you maybe reboot the ap? Or maybe you didn't use the :port on the end of your url? -
@johnpoz AP wasn't rebooted. Actually I think what it was is I wasn't putting in https:// and had just assumed it would connect via that. All I had in the address bar before was 192.168.1.2:10443
-
@lolcakes69 yeah you really need to make sure you call out http or https - browser can quite often default to http and that port isn't the http port, etc.
-
@johnpoz ty for your help. Now how do I close this thread or mark it as resolved? lol
-
@lolcakes69 you should be able to edit the subject - but I will mark it for you.
