no internet on some wireless devices.
-
What are you using for wifi? The netgear in AP mode?
It could be an IPv6 issue. Those are both Android devices and that will try to use v6 if pfSense is providing it. Likely the Netgear did not.
Steve
-
@stephenw10
the netgear is gone completely. for wifi, i have 3 Eero devices in bridge mode.
i have never worked with IPv6. what must i do? disable or enable it in pfsense? really appreciate all your help as i am new -
First just check whether any IPv6 is on the system. Look in Status > Interfaces for any public v6 IPs.
Steve
-
@stephenw10
ipv6 is disabled
strangely, i see IPv6 on the interfaces. but they are not public, i think:
-
Yes, but you do have a valid prefix delegation so devices on LAN will be getting an IPv6 IP and trying to use it. Are those clients on LAN?
The easiest thing to there is disable the DHCPv6 and RA servers on LAN in Services > DHCPv6.
Reconnect the clients and test. -
@stephenw10
yes, both DHCPv6 and RA servers on LAN in Services disabled. restarted the Samsung tablet and still same issue.
with DHCP or static IP, the tablet still cannot get on. i cant even Ping the 192.168.1.1. Eero does not show the tablet as online on it's network. i rebooted Eero many times too.i also have a TP-Link access point in the basement. when i connect to that, i can access online and ping 192.168.1.1 too.
-
@stephenw10 said in no internet on some wireless devices.:
Those are both Android devices and that will try to use v6 if pfSense is providing it.
The issue is Android devices do not support DHCPv6, thanks to some genius at Google. SLAAC should be used. Disabling IPv6 is not the answer, except for clueless idiots who don't know what they're talking about.
-
@tung2567 said in no internet on some wireless devices.:
yes, both DHCPv6 and RA servers on LAN in Services disabled.
It appears you're getting some misinformation. Does your ISP provide IPv6? Does it work OK for wired devices? For non Android over WiFi? If you do have IPv6, you should configure the LAN to use SLAAC and not DHCPv6. Android has a bug (actually a designed in flaw) in that it does not support DHCPv6.
When you say you don't have Internet, do you mean nothing at all? Or IPv4 only? A bit better description of your problem would go a long way.
-
@tung2567 said in no internet on some wireless devices.:
i also have a TP-Link access point in the basement. when i connect to that, i can access online and ping 192.168.1.1 too.
That says a lot. If one access point works and another doesn't, then it's a problem with that other AP and not a pfSense problem.
-
We can see from the interface status that the ISP is providing a valid prefix delegation and that the LAN is using it. By default the RA and DHCPv6 servers are enabled on LAN so clients there could use them.
However that clearly isn't the issue as disabling them made no difference.Are the Eero APs on the LAN subnet? Is the TP-Link AP also on LAN?
Yes, if they are both on LAN this looks like an Eero issue. Were you using that with the Netgear router previously? -
@jknott
let me draw things out so it's easier.
old setup was working perfectly fine. i just wanted to use the new setup to play around n learn with pfsense and vlan.new setup has a total of 4 ports. 1 WAN and 1 LAN. however, i bridge LAN and 2 other ports to make them act as a normal netgear using this method....https://protectli.com/kb/how-to-enable-lan-bridge-with-pfsense/
i wonder if that's why im having this crazy issue:- some devices on Eero don't have any internet. they connect to the Eero fine and ping other devices but just cant get online.
- some devices on Eero has internet for browsing but some apps refuses to work. error about servers being down.
- TP link AP works fine however with all other devices. i have not tested all of them.
just for fun, i revert back to the OLD setup and all is good again so i know it's the pfsense machine.
you are right, turning DHCPv6 off has no impact... -
@jknott
i have verizon fios in Philadelphia. i assume i get ipv6 from the fios ONT box.
the issue seems to affect ipads in the house too. several apps would come up with hostname errors.
thats what i have now. not sure where 100.11.16.1 comes from but it's not my public IP.working fine as off now
mobiles dont work if i changed to
so i will assume you meant this. but still not good :(
-
@tung2567 What are your firewall rules on the OPT interfaces?
-
IPv6 Configuration Type should be track interface.
-
Yup, that^.
And what interfaces are in bridge0?
And have you moved bridge filtering from the members to the bridge?
https://docs.netgate.com/pfsense/en/latest/bridges/firewall.html#bridging-and-firewallingSteve
-
@jknott
for LAN ipv6 config type, it was Track Interface (i believe). but i thought you wanted me to change to SLAAC? any way, i will do Track Interface again.
currently i revert back to the OLD setup because wife n kids gotta do their homework. that's hard when half of their devices are not working.
will verify your recommendation next week. thank you! -
@stephenw10
in my System > Advanced > System Tunables
i already have:
net.link.bridge.pfil_member value = 0
and
net.link.bridge.pfil_bridge value = 1hopefully this bridging is not the cause.
in all the videos i have seen, everyone just used WAN, LAN, and a dumb switch plugged into LAN to have more ports. i did not want a switch to take up more space in the tiny living room so i used bridging. -
@tung2567 said in no internet on some wireless devices.:
for LAN ipv6 config type, it was Track Interface (i believe). but i thought you wanted me to change to SLAAC?
Yes I did. However, there's a couple of ways of doing SLAAC. Since you get your prefix from DHCPv6-PD, you have to use track interface. However, if you had a static configuration, then you'd use SLAAC.
-
What interfaces are in bridge0? igc1-3?
What rules do you have there?
There doesn't appear to be any difference between igc2 and igc3 from what you've shown us so far so you would expect clients on either AP to pass traffic similarly. But clearly there is a difference.
Steve
-
i still couldnt figure out anything. so i factory reset. physically eth0 is wan. eth1 is LAN. a cable goes from eth1 to a dumb switch. this switch feeds everything, including the Eero. now i have internet on everything. im guessing somewhere the direction i followed for Bridging is bad or something.... so for now, i will ignore eth2 and eth3.