Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    ICMP in subnet

    General pfSense Questions
    2
    4
    942
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      diekstra last edited by

      After installing and configuring my shiny new PFsense appliance I encountered a problem with the wireless printer of my girlfriend.
      The PFsense box has two ethernet interfaces (WAN & LAN) and an additional OPT1 interface, which is the Wifi interface. DHCP is working on both the LAN and OPT1 networks and all seems to work as it should, I can use my laptop completely wireless for surfing the internet and i can get access on the shares on the several NAS devices. Printing on my own (cabled)printer works great.
      But… When I try to ping the wireless printer (which has an address from the DHCP server) I don't get a reply. It doesn't matter what I do, it won't happen.

      Weird thing is, I can ping the printer from the PFsense box itself:
      PING 192.168.3.103 (192.168.3.103) from 192.168.3.1: 56 data bytes
      64 bytes from 192.168.3.103: icmp_seq=0 ttl=64 time=1.910 ms
      64 bytes from 192.168.3.103: icmp_seq=1 ttl=64 time=1.673 ms
      64 bytes from 192.168.3.103: icmp_seq=2 ttl=64 time=1.638 ms

      I've used Wireshark to capture the packets when I try to ping the printer, the output is attached. It looks like the gateway (PFsense) is handling the response but doesn't know it's an internal address?
      I can only ping this printer from a wired desktop, although the printer is connected by Wifi. There are no block rules on the LAN or OPT1 interfaces, allowed is any-to-any on both.

      Explanation:
      192.168.3.1 = IP of PFsense in OPT1 network
      192.168.3.103 = wireless printer
      192.168.3.100 = my Macbook (wireless)

      Anyone with an idea?

      ![2012-10-31 05.14.05 pm.jpg](/public/imported_attachments/1/2012-10-31 05.14.05 pm.jpg)
      ![2012-10-31 05.14.05 pm.jpg_thumb](/public/imported_attachments/1/2012-10-31 05.14.05 pm.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        On the wireless-interface config page:
        Is the checkbox "Allow intra-BSS communication" enabled?

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • D
          diekstra last edited by

          I feel stupid right now  ;)

          sanders-mbp:~ sander$ ping EPSON002BFF.localdomain
          PING epson002bff.localdomain (192.168.3.103): 56 data bytes
          64 bytes from 192.168.3.103: icmp_seq=0 ttl=64 time=335.937 ms
          64 bytes from 192.168.3.103: icmp_seq=1 ttl=64 time=86.043 ms
          64 bytes from 192.168.3.103: icmp_seq=2 ttl=64 time=4.178 ms
          64 bytes from 192.168.3.103: icmp_seq=3 ttl=64 time=136.680 ms

          Solved within 5 minutes, should have read the manual though…

          1 Reply Last reply Reply Quote 0
          • GruensFroeschli
            GruensFroeschli last edited by

            No reason to feel stupid ;)
            It's not that usual that an access point allows client separation.

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            1 Reply Last reply Reply Quote 0
            • First post
              Last post