AP isolation - what have i done, how to fix it....?

Modesty

Thanks for feedback.

To be clear.

They are both on same WLAN
Chromcast is on ip 192.168.0.105
Phone with google home + stream app is on 192.168.0.101

What I tried was to connect phone + cromecast to vlan 192.168.5.x then it worked.

That means that devices are OK, but my LAN on 192.168.1.x has some hick up.

I have done no changes im aware of regarding router settings. Cromecast worked monday, wednesday i did not work.

I facory reset the cromecast but it did not work on my LAN.

So now im not shure what to do....

ANy more info you can give me

bingo600

@Modesty said in AP isolation - what have i done, how to fix it....?:

Thanks for feedback.

To be clear.

They are both on same WLAN
Chromcast is on ip 192.168.0.105
Phone with google home + stream app is on 192.168.0.101

OK

What I tried was to connect phone + cromecast to vlan 192.168.5.x then it worked.

So you have a Multi Vlan (SSID) capable WIFI ?
What model is it ?

That means that devices are OK, but my LAN on 192.168.1.x has some hick up.

Did you mean : my LAN on 192.168.0.x

/Bingo

stephenw10

If they are both in the same subnet, I assume 192.168.0.0/24, then they will be talking directly to each other. Or at least attempting to. pfSense does not even see that traffic so cannot do anything to it.
Check the subnet masks are correct or both devices.

Otherwise it can only be blocked in the AP or maybe in a switch if you have multiple APs for that SSID.

Steve

Modesty

@bingo600 and @stephenw10 thanks for answer

My lan 192.168.0.x is not working with my chromcast.

all subnets in /24
"pfSense does not even see that traffic so cannot do anything to it."
---> This is my question, Is this true? can do nothing?

I have cable modem (bridge mode) + pfsens router + managed switch + 4 AP unifi.
these 7 items I have not done any changes on last week.

I have 3 wlans, my family, my rental apartment and IoT, all traffic blocked between them. This lans is set up by my unifi controller + pfsens has 3 individual DHCP servers, 1 fore each wlan.

So i have no clue what happens...

On strange issue is that monday i tried to cast from win 10 by using Videostream to the cromcast thats not working now. That was maybe the root to my problems because all my net did get a big hick up, I had to reboot rooter and my cable modem (wich is set up in bridge mode). After that reboot my cromcast stoped working.

You say I cant do configuration regarding

bingo600

@Modesty

Long shot ....
Are you sure the UniFi controller hasn't uploaded new firmware to the AP's ?

I think my DEB10 based Unifi controller (at work) updated today , when i ran an apt update / upgrade.

I have set the "Do not upgrade AP firmware automatically" flag on my controller.

But it would be "Bad karma" from Ubiq to change (set) disallow Client to Client comms wo. SHOUTING IT OUT - In the release notes.

You say if you move your CC + Client to "SSID" 192.168.5.x then it works ?

But it doesn't work on "SSID" 192.168.0.x

As @stephenw10 mentions:
When two clients comunicating on the same subnet/vlan (with the correct subnet mask set) , the traffic would not even pass or be seen by the firewall.

That is why we keep bugging you about the AP's , and their settings/firmware.

/Bingo

stephenw10

The discovery traffic should go dircetly between the client and Chromecast of they are on the same subnet on the same SSID. Even if pfSense was set to block everything that should still work. Of course the Chromecast would not be able to connect out to, for example, Netflix if you did that.
Does the Chromecast actual show as connected to the expected SSID after the setup? In the DHCP leases list in pfSense?

Steve

Modesty

Thanks a lot for your effort, it suddenly worked....

I switched of ntop, thats all. And that should actually don't do anything, as ntop is only a "probe" between lans/wan.

By the way, ntop was running on monday when all systems was running and working...

Proof:

Now its time for pizza and coke.

bingo600

@Modesty said in AP isolation - what have i done, how to fix it....?:

Thanks a lot for your effort, it suddenly worked....

I switched of ntop, thats all. And that should actually don't do anything, as ntop is only a "probe" between lans/wan.

Nice Projector

ntop or ntop-ng

/Bingo

Modesty

@bingo600 said in AP isolation - what have i done, how to fix it....?:

@Modesty said in AP isolation - what have i done, how to fix it....?:

Thanks a lot for your effort, it suddenly worked....

I switched of ntop, thats all. And that should actually don't do anything, as ntop is only a "probe" between lans/wan.

Nice Projector

ntop or ntop-ng

/Bingo

Thumbs up click dont work. I give you all 10 points.

I dont like big black tvs in my home, so i have screen coming down.

bingo600

@Modesty

Did you remove ntop or ntop-ng , to get it to work ?

Modesty

@bingo600 i did not remove, I stoped service ntopng.

On Monday I will try to enable ntopng again, weekend we watch a bit tv, and i will not run around and fix things.