Problem with two lan networks and access to ap
-
Is this a stand alone machine?
I did not understand what it means stand alone machine ?
I will describe what I have
I took a computer without an operating system with nothing
I added three network cardsDownloaded from the website of pfsense
Version 2.0.3 to burn to discI turned on the computer and installed the system
Beyond that I do not have much access to this computer
One network card connected to the modem
Second network card is connected to the switch
Third network card connected to API do not have a disk with version 2.1
I'll have to download and burn -
I would try it with a livecd. This way you don't have to go changing settings to experiment to find out if its just the settings or packages.
You can tinker and the changes will not be permanent. -
OK
I downloaded the file, burn it
I turned on the system from the disk
I defined the interfaces according to what I wrote earlierI currently browses through the operating system disk
Still no access
-
The IPv4/v6 thing is not relevant here. With it enabled by default in the beta and RC images it sometime caused odd connection problems when people had broken IPv6 implenmentations at their ISP or router/AP.
My money is on Snort. Do the Snort get correctly copied across the update? Check the logs, what is being blocked?
Steve
-
My money is on Snort. Do the Snort get correctly copied across the update? Check the logs, what is being blocked?
I currently browses through the live cd
No packageStill no access
-
Lost that bet then! ::)
Check the firewall logs anything blocked? You've unchecked 'block private networks'?
Forget accessing the webgui of the AP. Try some basic pinging. Try to ping everything from everything else! Check the logs again.
Steve
-
There Pings
Both to ap
Well as computer connected wirelessly to ap -
Sorry I'm not sure quite what you mean there. What can ping what? :-\
Steve
-
i can ping from a computer that Connected to the Wired network
to the AP
to a computer connected to the Wireless NetworkAnd Reverse
i can ping from a computer that Connected to the Wireless Network
to a computer connected to the wired Network -
Ok.
Can you ping from the pfSense box to the AP? to a wireless client?
Can you ping from the AP to the pfSense box or a wired client?I have a router I use as an access point that behaves exactly as yours is doing and the reason is that it has no route to get packets back to clients on the other subnet. The AP/router usually uses it's WAN port for anything that isn't in its LAN subnet but in this scenario it has no WAN so it has no route. I have successfully worked around this by setting a subnet mask on the AP that contains all the local subnets, i.e. /16 However I have an AP this doesn't work for.
That doesn't explain why it worked fine under 2.0.3 though. :-\Steve
-
from pfsense to AP - There is Ping
from pfsense to wireless client - no ping
from AP to pfsense - no ping
from AP to wired client - no ping -
from pfsense to AP - There is Ping
That would go out from 192.168.2.1 on pfSense directly to the AP. So pfSense OPT1 and the AP have compatible (hopefully the same) subnets.
from AP to pfsense - no ping
I guess that was from AP, ping 192.168.1.1 - the pfSense LAN IP. In that case the AP probably does not know how to route to that. If you tried to ping 192.168.2.1 then that is good, but you will need to have added a pass rule on OPT1 after booting the LiveCD version.
I can't understand what has happened here - the symptoms look a lot like an AP subnet/mask/default gateway problem. But it is pfSense that has been upgraded - so what is the real cause of the problem???
Can you post the actual AP:
- IP address
- network mask
- default gateway for LAN (or tell us that there is no setting for that)
and confirm that OPT1 is 192.168.2.1/24 and has a pass rule with source any (or OPT1 net).
-
Few answers
Interfaces configured so
Wired network 192.168.0.1/24 –----> go to Switch dhcp on pfsense 192.168.0.30 -- 100
Wireless Network 192.168.2.1/24 ------> go to AP dhcp on pfsense 192.168.2.30 -- 100
AP Fixed address 192.168.2.101
ping from pfsense 192.168.0.1 to AP 192.168.2.1 There is Ping
ping from AP 192.168.2.1 to pfsense 192.168.0.1 no ping
OPT1 = WIFI = 192.168.2.1/24
Here are screen shots of the management interface of the AP
-
MORE
-
Afraid your WAN should be set to Disabled, not Dynamic IP Address.
-
Totally not a pfsense problem. Did you get it working yet?
-
I can't see where it lets you specify
- the LAN netmask (/24 or 255.255.255.0)
- a LAN gateway
Probably (1) is on a screen somewhere - maybe I missed it.
I suspect it won't have a place to enter (2), because it thinks it is already a router (gateway). -
Totally not a pfsense problem. Did you get it working yet?
not yet
Afraid your WAN should be set to Disabled, not Dynamic IP Address.
Selecting other options
And there is no communicationI can't see where it lets you specify
- the LAN netmask (/24 or 255.255.255.0)
- a LAN gateway
Probably (1) is on a screen somewhere - maybe I missed it.
I suspect it won't have a place to enter (2), because it thinks it is already a router (gateway).As soon as I turn off the dhcp
And gave him a fixed network address
the LAN netmask
and LAN gateway
are from the pfsenseI will try to run pfsense live cd 2.0.3
-
-
Selecting other options
And there is no communicationHuh, whut?
If I choose another option
I will not have internet accessAs soon as I turn off the dhcp
And gave him a fixed network address
the LAN netmask
and LAN gateway
are from the pfsenseEh? There is no netmask and gateway visible anywhere…
there is on pfsense