Firewall blocking traffic on WLAN
-
Hello, sorry for the short post, I made a long one and it went to trash because I uploaded a tiff instead of a jpg…
I have a problem with my pfsense router (version 2.2.6), it's rejecting any requests from WLAN (wireless) to WLAN. I have made an allow all floating rule to test and even with this rule I can't access at all wlan from wlan. (Except the pfsense router). The router itself can ping anything on WLAN, that works.
Do you have any clue on what could be happening ?
Thanks in advance,
Tourdetour. -
You mean it blocks access between clients of a Wifi card installed in pfSense box? Or between different interfaces?
-
My PFsense router broadcasts a wifi network using interface WLAN.
I have two computers connected to that wifi network.
These two computers can't communicate with each other but are both able to communicate with computers on other interfaces than WLAN (They an access the Net). -
At the WLAN configuration tab check "Allow intra-BSS communication".
-
Thanks ! That's fixed it !
But isn't this option allowing DIRECT traffic between two computers on the wireless network ? I can't see what they are sharing when this is enabled right ? -
@tourdetour:
But isn't this option allowing DIRECT traffic between two computers on the wireless network ?
Isn't that, what you want?
You can not control traffic between WLAN clients on pfSense likewise you cannot control traffic between LAN clients.
Traffic between WLAN client can just prevented at the access point. This is what this option do, because your AP is built-in in the pfSense box and you can mange it on the GUI. -
That makes sense ! Because the computers would always be connected to each other on a wired network. So if you need control on a wired network, can't you like edit the iptables on the switch ?
Concerning the wireless, can't you allow only certain clients to communicate with each other ? Or you can just have everything or nothing ?
Thank you very much for you answers. -
You can run multiple WLAN SSIDs on just one card and assign different VLANs to them and allow some client to connect to the one SSID, the other to another one.
Then you are able to control traffic between these VLANs on pfSense.But how to do this in pfSense should be asked in a separate thread here: https://forum.pfsense.org/index.php?board=35.0