1. Home
  2. pfSense® Software
  3. General pfSense Questions
  4. ICMP in subnet

ICMP in subnet

  • D

    After installing and configuring my shiny new PFsense appliance I encountered a problem with the wireless printer of my girlfriend.
    The PFsense box has two ethernet interfaces (WAN & LAN) and an additional OPT1 interface, which is the Wifi interface. DHCP is working on both the LAN and OPT1 networks and all seems to work as it should, I can use my laptop completely wireless for surfing the internet and i can get access on the shares on the several NAS devices. Printing on my own (cabled)printer works great.
    But… When I try to ping the wireless printer (which has an address from the DHCP server) I don't get a reply. It doesn't matter what I do, it won't happen.

    Weird thing is, I can ping the printer from the PFsense box itself:
    PING 192.168.3.103 (192.168.3.103) from 192.168.3.1: 56 data bytes
    64 bytes from 192.168.3.103: icmp_seq=0 ttl=64 time=1.910 ms
    64 bytes from 192.168.3.103: icmp_seq=1 ttl=64 time=1.673 ms
    64 bytes from 192.168.3.103: icmp_seq=2 ttl=64 time=1.638 ms

    I've used Wireshark to capture the packets when I try to ping the printer, the output is attached. It looks like the gateway (PFsense) is handling the response but doesn't know it's an internal address?
    I can only ping this printer from a wired desktop, although the printer is connected by Wifi. There are no block rules on the LAN or OPT1 interfaces, allowed is any-to-any on both.

    Explanation:
    192.168.3.1 = IP of PFsense in OPT1 network
    192.168.3.103 = wireless printer
    192.168.3.100 = my Macbook (wireless)

    Anyone with an idea?

    ![2012-10-31 05.14.05 pm.jpg](/public/imported_attachments/1/2012-10-31 05.14.05 pm.jpg)
    ![2012-10-31 05.14.05 pm.jpg_thumb](/public/imported_attachments/1/2012-10-31 05.14.05 pm.jpg_thumb)

    0
  • GruensFroeschli

    On the wireless-interface config page:
    Is the checkbox "Allow intra-BSS communication" enabled?

    0
  • D

    I feel stupid right now  ;)

    sanders-mbp:~ sander$ ping EPSON002BFF.localdomain
    PING epson002bff.localdomain (192.168.3.103): 56 data bytes
    64 bytes from 192.168.3.103: icmp_seq=0 ttl=64 time=335.937 ms
    64 bytes from 192.168.3.103: icmp_seq=1 ttl=64 time=86.043 ms
    64 bytes from 192.168.3.103: icmp_seq=2 ttl=64 time=4.178 ms
    64 bytes from 192.168.3.103: icmp_seq=3 ttl=64 time=136.680 ms

    Solved within 5 minutes, should have read the manual though…

    0
  • GruensFroeschli

    No reason to feel stupid ;)
    It's not that usual that an access point allows client separation.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy