Can't access WIFI Access Point on Network



  • Good morning

    I've searched this, but have had no luck solving thus far.  I have been unable to access my Asus WIFI Access Point and get a "refused to connect" message from Chrome when I attempt to get to the AP's GUI.  WIFI still works fine and I can see all devices connected via WIFI within the DHCP server list in pFsense.

    My setup: ISP Modem (Spectrum) > pFsense > Unmanaged Switch > Clients and ASUS Wifi Access Point (with two mesh nodes)

    pFsense LAN: 192.168.2.1/24 (several static IP's assigned x.x.x.5-25 and DHCP x.x.x.26-253). 
    ASUS WIFI AP: 192.168.2.2 (255.255.255.0, default gateway and both DNS servers set to 192.168.2.1)

    I do see the AP's IP address within the ARP Table (under diagnostics) and I can ping it just fine with zero packet loss.  Now, some weirdness:

    • I try AP at 192.168.2.2 often and once or twice I have been able to get the login page.  Then I'll try again a few hours later and it refuses to connect.

    • I've also used the ASUS Device Search utility.  Most of the times it can't find anything (including the other two ASUS mesh nodes).  Once in a while it'll find either just the main AP (and not the nodes), or all three.  When this happens and I click on the AP, it'll give me a message that I need to be on the same subnet… but, I am on the same /24 subnet from everything I can find.

    • I can however, access the AP with the ASUS Android app just fine and 100% of the time, but that only offers limited functionality.

    Other info and settings:
    -I am using PIA VPN setup as a VPN client.  I have the standard Firewall LAN rule "Default allow LAN to any rule" with the PIA VPN as the gateway, with only a few devices that use WAN as the gateway (fire tv, PS4, work laptop) to bypass the VPN.

    Thoughts?



  • Your AP and your PCs are on the same L2 network and the same IP subnet, so your router should not be involved at all.
    Take any PC with static IP, disconnect pfSense from the switch and make a test with a single AP first.
    Make sure your AP is configured as AP only and double check that you do not have any address conflicts, check arp on pfSense next time you see that issue.



  • First : Only activate VPN stuff if everything else is working flawlessly.

    Connect your PC to the ASUS AP.
    Run

    ipconfig /all 
    

    on your PC.
    Does it get a IP, gateway, DNS, etc ?

    Check the DHCP log on pfSEnse - can you see the DHCP attribution to your device ? Is the lease listed ?

    Btw : this is exactly what I have :

    pFsense LAN: 192.168.2.1/24 (several static IP's assigned x.x.x.5-25 and DHCP x.x.x.26-253).
    ASUS WIFI AP: 192.168.2.2 (255.255.255.0, default gateway and both DNS servers set to 192.168.2.1)

    Instead of one AP, if have 4 AP's  on 192.168.2.2 -192.168.2.3 192.168.2.4 192.168.2.5. (all Linksys DD-WRT devices
    Works for a decade or so now.



  • Hi guys. Did you get this resolved. I have exact same issue.

    I can not access my AP web page logon page via wifi laptop but i have no problem accessing it from desktop via cat5 which connect via cable to this AP, also asus.

    Chrome is telling me connection refused like firewall (pfsense) rejected it. What's weird i don't have this issue with hard wire, just wifi. I can access pfense via wifi thought so it's only this AP.

    Did you get this resolved and if so how?

    P.S Edit:
    Ok so i can access portal via http but https does not work even tho when i check AP both https and http are enabled in gui. Weird still. It's like secure connection is rejected but unsecure is not.I can also access portal via hostname i assigned so just secure https is not working for some reason.



  • @rango said in Can't access WIFI Access Point on Network:

    my AP web page logon page

    What is this ?
    The GUI of the AP ?

    @rango said in Can't access WIFI Access Point on Network:

    Ok so i can access portal via http but https

    What portal ?

    @rango said in Can't access WIFI Access Point on Network:

    when i check AP both https and http are enabled in gui. Weird still. It's like secure connection is rejected but unsecure is not

    Probably because https needs a certificate signed by entity recognized by your browser. A "home made" certificate won't do it anymore.

    Still, I don't really understand you issue.
    What are your LAN settings ?
    IP LAN pfSense ?
    IP AP ?



  • @rango said in Can't access WIFI Access Point on Network:

    I can not access my AP web page logon page via wifi laptop but i have no problem accessing it from desktop via cat5 which connect via cable to this AP, also asus.

    Some APs do not allow access from the WiFi side. With some others, it's configurable. For example, with my TP-Link TL-901N, I can configure which MAC addresses are allowed to access the AP via WiFi. The reason for this is to prevent others from configuring the AP. Regardless, it has nothing to do with pfSense.


Log in to reply