Can't reach access point on other interface/subnet to configure it.
-
I am making a guest network on a separate interface and have my machine on what is my private network. I am able to ping the access point and receive a reply but am unable to access the web interface for the access point. Have been trying to find any information online and am at my wits end so any help will be appreciated.
-
@indiegamesfan Does the AP have a gateway configured?
Any chance its web server only listens from its subnet?
-
@steveits The gateway is configured since I can access the AP if I wire myself into the other network.
The AP is a TP-Link EAP225 V2 and I can't find any information about it only looking on it's own subnet.The goal is for the main network to be the administration network and block the web interface on the guest network.
-
There are (at least) two things that could be in play here:
The access point has no route to the Main subnet.
The access point is actively blocking connections from outside it's subnet.
It seems like it does have a route since it is able to reply to pings. So it's probably configured to only allow access to it's webgui from inside the same subnet.
Try to connect to it from pfSense using Diag > Test Port.
Test agaibnst the AP IP address on port 443 leaving the source addess as 'Any' or setting it to APS. If that works try setting the source as MAIN. That will probably fail.If so either configure the AP to allow it or add an outbound NAT rule in pfSense to hide the source IP.
Steve
-
@indiegamesfan said in Can't reach access point on other interface/subnet to configure it.:
and block the web interface on the guest network
I doubt that would be possible with most AP devices, but probably the best chance is to use an outbound NAT rule as mentioned and on the AP allow access only from that IP (the IP of that NAT rule).
