Netgate Discussion Forum

    Consistent Loss of Internet Connectivity With Wireless Clients

    General pfSense Questions
    • T
      ThatGuy @wmheath586
      last edited by

      @wmheath586,

      I'd say it's probably one or more of your managed switches. I'd back up the configs, reset them, and then set them back up from scratch sans config. You could also have issues with your DNS Resolver in pfSense. I'd like to see a screenshot of your DNS Resolver settings. If you had to restore the config, you could, but of course you'd be stuck with this same issue. For some crazy reason, have you checked to make sure in your UniFi controller you don't have DHCP enabled? I've never tried to turn it on because I don't use the USGs.

      JKnott, I can't remember what make it is but there is an unmanaged switch that doesn't do VLANs. I think it's either Netgear or D-Link. Haven't used them in years but I remember one of those not working with VLANs. I just stuck with the TP-Link ones. Yeah, their managed switches aren't too hot. Not enough horsepower. If I have to use a managed or POE switch, spend the dough and go with Ubiquiti.

      ThatGuy

      • JKnottJ
        JKnott @ThatGuy
        last edited by

        @thatguy

        All an unmanaged switch can do with VLAN frames is pass them. It takes a managed switch to "do" VLANs, that is, assign ports to VLANs etc. The TP-Link problem, which also affects some APs, is that multicasts can leak from the main LAN to a VLAN.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        • GertjanG
          Gertjan @JKnott
          last edited by

          @jknott said in Consistent Loss of Internet Connectivity With Wireless Clients:

          In Android, it's simple enough to disable that, but I don't know about Apple devices.

          Consider it also simple enough for Apple devices :

          8d4a68cc-6ff1-4b54-bfeb-c30abc36faa7-image.png

          But ... switching this option on, on a new new, will create a new profile once, the password has to be entered, and then that 'random' MAC will get used for that SSID.
          Until you 'forget' the network, or get back to 'no private random MAC' profile.
          So, both options work.

          @jknott said in Consistent Loss of Internet Connectivity With Wireless Clients:

          Apple and Android now have "privacy" MAC addresses that change

          Because this works well for one, the other just 'copied' the functionality. That's how things are done these days ^^

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          • W
            wmheath586 @ThatGuy
            last edited by

            @thatguy Sorry for taking so long to reply. My job requires me to be away from the office for a while at times, so I am just now able to get you the config settings. They are posted below.

            DNS Settings 3.jpg DNS Settings 2.jpg DNS Settings 1.jpg

            • T
              ThatGuy @wmheath586
              last edited by ThatGuy

              @wmheath586 ,

              Make a backup config before you make these changes just in case.

              In your DNS Resolver settings try making these changes.

              Network Interfaces: ALL
              Outgoing Network Interfaces: ALL
              DNS Query Forwarding-->Enable Forwarding Mode: CHECKED
              DHCP Registration-->Register DHCP leases in the DNS Resolver: CHECKED
              Static DHCP-->Register DHCP static mappings in the DNS Resolver: CHECKED (I don't know if you have any Static Mappings to Clients but it shouldn't hurt to check it even if you don't have static mappings to printers, servers, etc).

              Keep in mind we're only making DNS changes and that wouldn't explain much to me why some of your client devices aren't pulling IP addresses. More likely that would be a DHCP/routing issue. But give these DNS Resolver changes a try and see what happens.

              ThatGuy

              • W
                wmheath586 @ThatGuy
                last edited by

                @thatguy The settings suggested have been tried. They were modified about a month ago. The "DNS Query Forwarding", "DHCP Registration", and "Static DHCP" options were unchecked due to an issue with Unbound failing and having to be restarted.

                Update: The original issue has become less frequent. Now it only seems to happen between the 16:00 and 18:00 hour block, and after about 15 minutes the clients are able to reconnect on their own. Oddly enough, I do not see anything going on with pfSense or UniFi at that time.

                On the other hand, we are moving back to the EdgeRouter. Management and the person that signs my paycheck want the original equipment and stability we had before moving to pfSense. The only reason we were trying to stick it out was for the VPN server included, but we found a better option with the VPN appliance from OpenVPN. I appreciate the help and suggestions everyone has given, and maybe we will give it another shot in the future. Until then, thanks again for the help!

                • S
                  SteveITS Galactic Empire @JKnott
                  last edited by SteveITS

                  @jknott said in Consistent Loss of Internet Connectivity With Wireless Clients:

                  "privacy" MAC addresses that change. This can mess up WiFi connections. In Android, it's simple enough to disable that, but I don't know about Apple devices.

                  For reference, the Private Address setting is via: Settings, Wi-Fi, tap the active Wi-Fi connection, tap the (i) info icon, look for Private Address partway down that page and turn it on or off.

                  Also FYI, I've had issues with my iPhone disconnecting at home since installing 14.5. Suspect it's related to the eero and roaming. Others have it also, per Reddit. Had no issue with any prior iOS or other devices already on 14.5. Workaround is to toggle the Private Address setting (on or off) which I believe just changes away from the apparently blocked MAC.

                  EDIT: turning off WPA3 on the eero resolved it, so despite WPA3 working for six months apparently it has a problem with iOS 14.5.

                  Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                  When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                  Upvote 👍 helpful posts!

                  • AKEGECA
                    AKEGEC @wmheath586
                    last edited by

                    @wmheath586 I know that you are very frustrated about this matter, but please do know that pfSense is based on FreeBSD. This means there are limitations, e.g. some types of WiFi card/device don't work properly. That being said, I am sure in the near future devs will fix this issue...but then again it's FreeBSD after all. Anyway, I can't wait for pfSense version 2.6.

                    • P
                      papdee @wmheath586
                      last edited by

                      @wmheath586 Assuming everything else is configured correctly, I would point to an IP address conflict or corrupted ARP table; possibly one or more of your devices is obtaining an IP address that is the same as your pfSense box, or the ARP table is being corrupted by one of your devices.

                      You can go to the shell and run arp -a to inspect your ARP tables.

                      For DHCP leases go into the GUI under the Status menu.

                      1 Reply Last reply Reply Quote 0
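An added example, not part of the thread or of pfSense: one way to act on the `arp -a` suggestion above is to save two snapshots a few minutes apart and compare them, which also flags the randomized "private" MAC addresses discussed earlier. It assumes FreeBSD-style `arp -a` output; the function names and the sample snapshots are constructed for illustration.

```python
import re

# FreeBSD-style line: ? (192.168.10.23) at 3c:22:fb:10:20:30 on igb1 expires in ... [ethernet]
ARP_LINE = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-f:]{17}) on (\S+)", re.I)

def parse_arp(text):
    """Return {(interface, ip): mac}; "(incomplete)" entries have no MAC and are skipped."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m:
            ip, mac, iface = m.groups()
            table[(iface, ip)] = mac.lower()
    return table

def is_private_mac(mac):
    """True if the locally administered bit (0x02 of the first octet) is set."""
    return bool(int(mac[:2], 16) & 0x02)

def moved_ips(before, after):
    """IPs whose MAC changed between two snapshots: a possible address conflict."""
    return sorted((iface, ip, before[(iface, ip)], mac)
                  for (iface, ip), mac in after.items()
                  if before.get((iface, ip), mac) != mac)

def shared_macs(table):
    """MACs that hold more than one IP on the same interface."""
    seen = {}
    for (iface, ip), mac in table.items():
        seen.setdefault((iface, mac), []).append(ip)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

# Constructed sample snapshots (not from the thread), taken a few minutes apart.
SNAP_1 = """\
? (192.168.10.1) at 00:e0:67:aa:bb:01 on igb1 permanent [ethernet]
? (192.168.10.23) at 3c:22:fb:10:20:30 on igb1 expires in 1170 seconds [ethernet]
? (192.168.10.40) at (incomplete) on igb1 expired [ethernet]
? (192.168.10.51) at 9a:4f:0c:11:22:33 on igb1 expires in 600 seconds [ethernet]
"""
SNAP_2 = """\
? (192.168.10.1) at 00:e0:67:aa:bb:01 on igb1 permanent [ethernet]
? (192.168.10.23) at b8:27:eb:44:55:66 on igb1 expires in 1195 seconds [ethernet]
? (192.168.10.51) at 9a:4f:0c:11:22:33 on igb1 expires in 1100 seconds [ethernet]
? (192.168.10.52) at 9a:4f:0c:11:22:33 on igb1 expires in 1180 seconds [ethernet]
"""

if __name__ == "__main__":
    a, b = parse_arp(SNAP_1), parse_arp(SNAP_2)
    print(moved_ips(a, b), shared_macs(b))
```

An IP that moves between two globally unique MACs is worth checking against the DHCP leases page; a locally administered MAC holding several addresses usually points at a client rotating its private address.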
                      • P
                        papdee @wmheath586
                        last edited by

                        @wmheath586 you might also want to drill down further to the MAC address tables in your router. If you are using a managed switch you should be able to telnet into your router and inspect the MAC address table. This would be relevant if you are running multiple VMs and have left the MAC addresses at their defaults.

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.