Lease Active but Can't Ping or Access Device
-
I'm not sure if anyone can help while I'm here or not, but I thought I'd give it a shot. I'm installing a 2100 for someone and everything seems to be working except for one device, a Synology Rackstation. It appears in the DHCP lease table as having an address of 172.16.20.20, but I can't ping it from the 2100. I also can't resolve its DNS name from a computer. I just get a "could not find host" error message.
Everything else seems to work just fine, phones, printers, etc. Unfortunately, I can't even connect to the Synology to access its settings because I can't get to the web interface. I tried a reboot of both the 2100 and the Synology with no change.
Ping shows 100% loss. I can see the device using the Unifi switch AR and the port is active.
-
I am completely lost on this one. I hooked the Synology back up to the old Sonicwall and was able to immediately connect. I broke the bond on the Synology and went back to two discrete interfaces, ensuring they were both set to DHCP. I hooked each NIC up to a different switch and saw it grab a second address of 172.16.20.21. The pfsense DHCP table showed 172.16.20.21. The other NIC on the Synology was still connected to the 192.168.0.0 network so I could view the interface.
But I still can't ping it or resolve the host name from inside pfsense. I can now ping it from my PC, but can't resolve the hostname or access the GUI using the 172.16.20.21 address.
I am stumped.
-
@Spyderturbo007 Synology has its own firewall. Possible that is blocking your access on the IP you're trying to access it on.
Why would you think you could resolve the name? Did you set a reservation for it, and register those, or do you have register dhcp enabled? If you're using kea, neither of those features would work.
-
I just wanted to post some screenshots before I left the site. Thank you!
-
@johnpoz Thank you for the help. I think we cross posted. You said "Why would you think you could resolve the name?". I'm not 100% sure what you mean, but why wouldn't I be able to connect to something by hostname? Perhaps I'm not understanding the question.
-
@Spyderturbo007 just because a client gets an IP from dhcp doesn't mean you can resolve some fqdn to that IP via dns.
Unless you're registering dhcp in pfsense unbound, it won't resolve some name to the IP. And if you're using the new kea dhcp server in pfsense, it doesn't register anything yet.
If you want some name to resolve to the IP, it would need to be in dns, or mdns would have to be on the nas and respond. If you can not ping the IP, and you're on the network, it points to the firewall on the nas.
Or if you're on wifi on this network, the AP could have isolation on and not allow you to talk to the other device. This would prevent your ping, and could block mdns answering from the device as well.
Pfsense has zero to do with some device 172.16.20.26 and 172.16.20.10 talking to each other. Pfsense routes/firewalls traffic between networks. It is not involved in conversations between devices on the same network.
-
@johnpoz said in Lease Active but Can't Ping or Access Device:
Synology has its own firewall. Possible that is blocking your access on the IP you're trying to access it on.
I feel like such an idiot. You were 100% correct. It was the Synology firewall blocking anything but the 192.168.0.0 subnet. As soon as I added a rule allowing 172.16.20.0, it all started working.
My brain got stuck on the pfsense because it was the only thing new. I didn't even think of the subnet change.
Thank you so much @johnpoz !
-
@Spyderturbo007 said in Lease Active but Can't Ping or Access Device:
My brain got stuck on the pfsense because it was the only thing new.
Yeah, that happens a lot to be honest. It's easy to think that hey, I only switched this out, this has to be the problem. So don't feel so bad, but providing the info you did allows others to see what you're not seeing and point out other things that could be the problem.
Glad you got it sorted.
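
The reasoning in this thread, written out as an added example (not posted by anyone in the thread, and not pfSense or Synology code): a simplified first-match source allow-list stands in for the NAS firewall, and a subnet test shows whether the gateway is on the path at all. The /24 masks, the rule format and the function names are assumptions for illustration.

```python
import ipaddress

# Assumption: both networks are /24; the thread only gives network addresses.
OLD_LAN = ipaddress.ip_network("192.168.0.0/24")
NEW_LAN = ipaddress.ip_network("172.16.20.0/24")

# Hypothetical model of the NAS host firewall before and after the fix.
RULES_BEFORE = [("allow", OLD_LAN)]
RULES_AFTER = RULES_BEFORE + [("allow", NEW_LAN)]


def first_match(rules, src, default="deny"):
    """Ordered rule list: the first rule whose network contains src wins;
    anything unmatched falls through to the default action."""
    src = ipaddress.ip_address(src)
    for action, net in rules:
        if src in net:
            return action
    return default


def crosses_router(src, dst, lan):
    """True only when exactly one endpoint is inside the LAN, i.e. the
    packet must be routed, and can be filtered, by the gateway."""
    return (ipaddress.ip_address(src) in lan) != (ipaddress.ip_address(dst) in lan)


def diagnose(src, dst, lan, host_rules):
    """Where to look when src has a valid lease but cannot reach dst."""
    if first_match(host_rules, src) == "deny":
        return "host firewall on destination drops this source"
    if crosses_router(src, dst, lan):
        return "routed path: check gateway rules"
    return "same segment, host allows source: check switch/AP isolation"


if __name__ == "__main__":
    client, nas = "172.16.20.10", "172.16.20.21"  # addresses from the thread
    print(diagnose(client, nas, NEW_LAN, RULES_BEFORE))
    print(diagnose(client, nas, NEW_LAN, RULES_AFTER))
```
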