[SOLVED] Wireless clients cannot communicatie with each other



  • I have setup wireless (bridged connection) on my pfSense box.
    My wireless clients are able to connect to the pfSense box.
    They can communicate to devices that are wired (NAS, computer) but they cannot see other wireless devices.
    So I cannot ping (example) my iPhone from my MacBook, of vica versa.

    From a wired computer I can ping my iPhone or MacBook.

    This works:
    WIFI –> LAN
    LAN --> WIFI

    Not working:
    WIFI --> WIFI

    I have created an allow any rule for my WIFI interface but that didn't fix my problem.



  • I have found my answer already.

    Allow intra-BSS communication:
    When operating as an access point, enable this if you want to pass packets between wireless clients directly.
    Disabling the internal bridging is useful when traffic is to be processed with packet filtering.

    That checkbox needs to be ticked in order to get it to work.

    :D



  • Communication on the same network never touches pfSense, so it was likely some wireless security stuff which you found.



  • This is not exactly true for wireless.
    All traffic between clients has to go over the AP (in this case pfSense).

    The only exception are (some) multicast frames and broadcast frames.

    This is because the encryption is between the AP and the STA (client).
    Otherwise anyone connected to the AP could sniff traffic intended for other clients.

    The checkbox "Allow intera-BSS communication" which Panja enabled is exactly to allow traffic between clients.



  • I don't understand.  The AP is connected to pfSense via a LAN port.  The Wifi IP traffic is local so it should not go past the AP itself, no?



  • No, that's not correct KOM, in my situation.  :)

    I have an APU1D4 with a wifi card in the box (Compex WLE200NX).
    So my pfSense box is also the wifi AP.

    I do NOT have a seperate wifi AP.



  • Oh OK.



  • (Already answered on another topic : )

    (Pfsense 2.3.3) in interfaces > wifi interface menu :
    You have to select "Allow packets to pass between wireless clients directly when operating as an access point"


Log in to reply