WLAN clients can't ping each other, and other issues



  • Hi,

    I have a setup as per the attached diagram.  My firewall rules are attached, too.  I am running pfSense Embedded 1.2.3 on an ALIX, with a WLAN on a mini PCI card.  My ultimate objective is to run a Joomla! Jumpbox in a VirtualBox on a wireless client and port-forward a non-standard http port (I use 19000) from the WAN to the VirtualBox.  WLAN is bridged to LAN.  DHCP turned on.  Networking in VirtualBox is bridged to the host's NIC.

    I observe the following symptoms:
    1. From the attached image, wireless clients cannot ping each other.  But they can be ping'd from pfSense's Diagnostics/PING or a wired PC on the LAN i/f.  That rules out the firewalls on the wireless clients (turned off anyway).  Why can't wireless clients ping each other?

    2. If I put VirtualBox in a wireless client, it can't be ping'd from anywhere except its wireless host.  If it's in a wired client (connected to the LAN i/f) it can be ping'd from anywhere.

    3. The VirtualBox in a wireless client also doesn't acquire a DHCP address.    I see a DHCPDISCOVER and a DHCPOFFER but no DHCPREQUEST (and consequently, no DHCPACK).  However, if VirtualBox is in the wired PC connected to the LAN i/f like in the diagram it manages to acquire an IP.  Why can't VirtualBox acquire an IP if it's in the wireless client?    It receives a DHCP offer from pfSense but why doesn't it issue a DHCPREQUEST?

    I know the obvious is to just ditch the wireless clients and load VirtualBox on the wired PC.  But at the moment there are no cables between my preferred VirtualBox host PC and pfSense, thus necessitating use of wireless.

    Many thanks for any replies…
    ![@temp image for google docs image insertion.JPG](/public/imported_attachments/1/@temp image for google docs image insertion.JPG)
    ![@temp image for google docs image insertion.JPG_thumb](/public/imported_attachments/1/@temp image for google docs image insertion.JPG_thumb)
    ![fw rules.JPG](/public/imported_attachments/1/fw rules.JPG)
    ![fw rules.JPG_thumb](/public/imported_attachments/1/fw rules.JPG_thumb)


  • Rebel Alliance Developer Netgate

    Did you check the box on the WLAN card config that allows inter-client communication? (IBSS)

    You will also need to manually set a channel when turning that on. The "auto" channel has been found to be problematic with that setting on certain cards.



  • Thanks Jimp,

    I turned on IBSS and now the two WLAN clients can ping each other, but it doesn't seem to be stable.  Here's what happened:

    1. Turned on IBSS, left Channel to Auto.  WLAN clients can ping each other.
    2. After about 2 minutes, ping from either WLAN client to the other fails.
    3. Changed Channel from Auto to Channel 1, did a "Repair" on the Windows XP network connection.  Two PCs can ping each other again.
    4. After about a minute, ping fails again.
    5. Did another Repair.  So far ok.

    There are some intermittent "Request timed out" in the ping results for both WLAN clients.  Here's for one of them.  Not sure what can be deduced from it, but the reply times seem to be rather long and erratic.

    Reply from 192.168.50.241: bytes=32 time=46ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=70ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=93ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=13ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=37ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=1814ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=1ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=1ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=30ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=53ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=181ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=1ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=22ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=44ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=67ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=91ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=115ms TTL=128
    Request timed out.
    Reply from 192.168.50.241: bytes=32 time=110ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=38ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=71ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=1ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=99ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=19ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=144ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=166ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=86ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=109ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=30ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=157ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=78ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=98ms TTL=128
    Reply from 192.168.50.241: bytes=32 time=19ms TTL=128


  • Rebel Alliance Developer Netgate

    You may need to check the signal strengths you're getting (Status > Wireless) it might be getting interference or who knows what. Wireless is always a PITA to debug.


Log in to reply