Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Gateway Conflict with AP

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    7 Posts 4 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Kevin
      last edited by

      I have a strange issue and it only started happening a few weeks ago.  We are also in contact with the AP vendor, but I thought I would post here to see if you guys have any feedback.

      I am running RC2 from June 3 currently and we have several Engenius EOC 2611P access points. The network was setup a while back by someone else and the LAN is at 192.168.1.0/24 with the gateway being 192.168.1.1.

      I am seeing this error in the firewall logs:

      kernel: arp: 00:02:6f:xx:xx:xx is using my IP address 192.168.1.1 on igb1!
      
      

      We have traced it to the AP's. Anytime the power gets cycled on one I loose all connectivity to the pfSense box and all network services go down.  We tested it on several AP's and it appears that on the initial boot they advertise themselves as 192.168.1.1 before configuring the assigned address.  A reboot of the core switch clears everything up and the AP's function as they should.

      I feel this is more of a bug in the Engenius firmware, but am I missing something?

      1 Reply Last reply Reply Quote 0
      • Z
        Zuzzy
        last edited by

        Seems strange, my bet is that when they boot they have a short period you could browse to them on their default IP as a recovery tool

        Change your PF gateway to .254 and update DHCP as such and you won't have a problem.  Just exclude .1 from your DHCP pool so noone else uses it either.

        Alternatively use a different subnet - you may find that the APs always use that IP and its just coincidence that they and you both opted for the same IP (coincidence … except its the subnet/IP we all choose first!)

        1 Reply Last reply Reply Quote 0
        • K
          Kevin
          last edited by

          The gateway change to 254 may be best and easiest.  I had thought of readdressing the network, but it has about 200 devices and a ton of port forwards and firewall rules for various servers.  That would be a nightmare.

          This thing was setup years ago.  I never use the 1.1 addressing scheme for that exact reason.

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            That's really ugly, definitely a bug in the APs that hopefully the vendor will fix (or maybe already has if you don't have the latest firmware).

            1 Reply Last reply Reply Quote 0
            • K
              Kevin
              last edited by

              I finally got an answer from the vendor.  The use the RedBoot bootloader.  It looks for a boot image on the network at startup and initially advertises itself as 192.168.1.1.  Even the Engenius tech thought this was a dumb address to use by default. Because this is happening at such a low level he does not look for the engineers in Taiwan to change it anytime soon.

              The workarounds that were suggested are to bock TCP port 9000 or add a static ARP entry for the real gateway.  I have discussed changing the gateway address with the customer, but he wants to avoid that if at all possible.

              I plan to try these this weekend.

              BTW Chris it was great to meet you at SELF last weekend.  Hope you had a good time and will be back next year.  The SELF network was powered by pfSense.

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by

                Ah yeah that's a much lower level. I haven't heard of that happening with RedBoot before though, that's a very common boot loader for embedded hardware. I suspect they're doing something atypical there. But yeah good luck getting it fixed, you're likely stuck working around it.

                @Kevin:

                BTW Chris it was great to meet you at SELF last weekend.  Hope you had a good time and will be back next year.  The SELF network was powered by pfSense.

                You too! Actually didn't realize that was you until you mentioned it and I looked at your profile. Yeah it was a great conference, I definitely plan on returning next year.

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  You can change RedBoot's IP quite easily if you have access to the boot loader prompt.
                  Simply run fconfig and hit return across each parameter you don't want to change until you get to the IP.

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.