Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] Wireless clients cannot communicatie with each other

    Scheduled Pinned Locked Moved Firewalling
    8 Posts 4 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Panja
      last edited by

      I have setup wireless (bridged connection) on my pfSense box.
      My wireless clients are able to connect to the pfSense box.
      They can communicate to devices that are wired (NAS, computer) but they cannot see other wireless devices.
      So I cannot ping (example) my iPhone from my MacBook, of vica versa.

      From a wired computer I can ping my iPhone or MacBook.

      This works:
      WIFI –> LAN
      LAN --> WIFI

      Not working:
      WIFI --> WIFI

      I have created an allow any rule for my WIFI interface but that didn't fix my problem.

      1 Reply Last reply Reply Quote 0
      • P
        Panja
        last edited by

        I have found my answer already.

        Allow intra-BSS communication:
        When operating as an access point, enable this if you want to pass packets between wireless clients directly.
        Disabling the internal bridging is useful when traffic is to be processed with packet filtering.

        That checkbox needs to be ticked in order to get it to work.

        :D

        1 Reply Last reply Reply Quote 0
        • KOMK
          KOM
          last edited by

          Communication on the same network never touches pfSense, so it was likely some wireless security stuff which you found.

          1 Reply Last reply Reply Quote 0
          • GruensFroeschliG
            GruensFroeschli
            last edited by

            This is not exactly true for wireless.
            All traffic between clients has to go over the AP (in this case pfSense).

            The only exception are (some) multicast frames and broadcast frames.

            This is because the encryption is between the AP and the STA (client).
            Otherwise anyone connected to the AP could sniff traffic intended for other clients.

            The checkbox "Allow intera-BSS communication" which Panja enabled is exactly to allow traffic between clients.

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              I don't understand.  The AP is connected to pfSense via a LAN port.  The Wifi IP traffic is local so it should not go past the AP itself, no?

              1 Reply Last reply Reply Quote 0
              • P
                Panja
                last edited by

                No, that's not correct KOM, in my situation.  :)

                I have an APU1D4 with a wifi card in the box (Compex WLE200NX).
                So my pfSense box is also the wifi AP.

                I do NOT have a seperate wifi AP.

                1 Reply Last reply Reply Quote 0
                • KOMK
                  KOM
                  last edited by

                  Oh OK.

                  1 Reply Last reply Reply Quote 0
                  • E
                    egaille
                    last edited by

                    (Already answered on another topic : )

                    (Pfsense 2.3.3) in interfaces > wifi interface menu :
                    You have to select "Allow packets to pass between wireless clients directly when operating as an access point"

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.