Apple devices internet connection drops
-
I've set up a Pfsense router running the latest CE. The problem I'm experiencing is that it seems like apple devices are being affected. iphones and ipads are mostly affected such that facetime connection will drop after one minute of connection, and imessages don't work stably either. how could I check what's wrong with my setup?
-
Please confirm :
Your not using the captive portal.
Do you use limiters ?
You are not using pfBlockerNG-devel that can blocls Apple IPs if you activated the right feed.pfSense does not know what an apple device is and doesn't handle traffic any different.
from what you told, you could have an issue with :
The wifi connection,
The AP,
The cable from the AP to pfSense,
Your local upstream device,
Your ISP, and it's peering to the Apple servers.I'm not using facetime myself, but apple sms = imessage work fine on all my idevices.
can you send mail from your apple device ? receive mail from it ?
Web visiting is ok ?
The app store works fine ?Check the pfSense DHCP server log : you'll see all the lines with the MAC and IP of your Apple devices. Do they ask for an IP a lot, not a lot ?
-
@gertjan I’m not using captive portal or limiters or pfBlockerNG. I’m guessing it’s the AP’s issue since I know the ISP isn’t doing anything to impact apple devices. The AP is an old Mercury MW300R router, and not only apple devices are affected occasionally Samsung mobiles get affected too. But if I remove the pfsense and use that Mercury router as the gateway everything works fine. The problems besides FaceTime are mostly unstable web browsing. Some messaging apps such as WeChat work fine. Mail also works.
-
Are you running any packages in pfSense?
Do you see any traffic blocked in the firewall logs?
Steve
-
@stephenw10 no
-
You see no blocked traffic at all? I would expect to see quite a lot of blocks on WAN unless you are using double NAT.
-
@stephenw10 no traffic seems can be pointed to LAN devices
-
Mercury MW300R router, change the WAN/INTERNET setting from DHCP to BRIDGE mode. Bridge mode disable DHCP server, firewall, NAT....all the stuff that pfsense provides. In other words, in bridge mode it be comes a true AP. You won't have to change WiFi settings. They should be saved.
Next physically connect both devices together, pfsense LAN port to mercury LAN port (not the WAN or Internet port).
-
@macos yeah so Mercury doesn’t have a bridge mode itself, so I connected Pfsense LAN to Mercury LAN physically and then set the LAN ip in Mercury to be the same LAN ip in pfsense while disabling the DHCP in Mercury. This is the setup I did
-
@1amt0ny said in Apple devices internet connection drops:
LAN to Mercury LAN physically and then set the LAN ip in Mercury to be the same LAN ip in pfsense while disabling the DHCP in Mercury
Huh? What IP did you set this old wifi routers lan IP to be?
So to use any old wifi router as just an AP.. Yes you connect it to your network via one of its lan ports. But you set the IP to be on the network your running.
So lets say pfsense is 192.168.1.1/24 as its lan address. So turn off the dhcp server on the old wifi router, set its IP to be say 192.168.1.2/24
then on your pfsense the dhcp range would be say 192.168.1.10 - .254
This gives you .3 to .9 to work with as well for more static set devices.
If you set the AP IP to be the same as pfsense 192.168.1.1 in my example - yeah you would be having a heck of time with stuff working.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
Mmm, if you actually set the same IP you would see all sorts of issues. I would also expect to see pfSense complaining about that in the system logs.
Steve
-
@johnpoz I set both of them to be 10.40.0.0/24, is that the problem?
-
No, that's fine. They need to be in the same subnet just not actually the same IP address.
-
@1amt0ny said in Apple devices internet connection drops:
10.40.0.0/24, is that the problem?
Yeah that would be a problem - and that is actually a network not a host address.. Set pfsense to be say 10.40.0.1/24 and your AP to be 10.40.0.2/24
-
pfsense has a 'recipe' for this type of setup.
https://docs.netgate.com/pfsense/en/latest/recipes/external-wireless-router.html?highlight=wireless%20router
By the way, if you plug Mercury the WAN port into pfsense LAN port, pfsense logs will show the IP address/traffic of only the Mercury. This is because wireless clients are behind Mercury FW/NAT.
By using both LAN ports (LAN to LAN port) you bypass the internal Mercury software/apps which at this point is essentially a just switch with WiFi.
Hope this helps.
