Wireless clients cannot communicate if connected to different APs

Hi,

I found this thread,

Wireless clients cannot communicate if connected to different APs (which has NEVER been answered in over 2 years)

I have been experiencing the same issue with my Netatmo security cameras for over a year now. According to their support, it is crucial for the cameras to communicate with each other in order to function properly. I have tried checking the Firewall logs and creating special rules, but nothing has helped.

The support team at Netatmo advised me to use the network tool "Discovery - DNS - SD Browser" to see if I can detect the cameras and their communication protocol. However, the result is quite disappointing. I can only see the cameras that are connected to the same access point as my phone. This is a major problem because if the cameras cannot communicate, the alarm system does not work on the other cameras.

I have three floors in my house, each with a Sophos APX320 connected to a Sophos FW Firewall. Due to the size of the house and concrete walls between the floors, it is impossible for all the cameras to be connected to the same access point.

I kindly request someone from the Sophos support or community to investigate this issue. It is a significant problem that should not occur on a managed network like Sophos.

Thank you in advance for your help



Added TAGs
[edited by: Erick Jan at 5:12 AM (GMT -8) on 12 Jan 2024]
  • Hello  ,

    Thanks for reaching out to Sophos Community.

    Could you share a setup diagram (at least high level) of your wireless setup and network? Also, what SFOS version are you currently running?

    Regards,

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • Hi Raphael,

    Thank you so much for your answer.

    Sure, I have the latest version SFOS 19.5.3 MR-3-Build652, but I have had the issue for several updates already, so no update corrected the issue.

    You'll also find a detailed diagram of my network topology. Nothing outstanding but I'm a little Tech SAVVY as an IT professional. I also made a special FW rule (logged) that allows specific traffic between devices on the same Wifi and the log entries show the successful traffic between devices and there are no dropped entries! But when two devices are not on the same AP, they cannot communicate together. Which is my issue with my cameras that are necessarily connected to several APs for obvious signal-strength reasons.

  • Hello,

    Thanks for sharing these details.

    Could you try to add a Firewall rule from Source: WIFI zone, Networks: Any to -> Destination: WIFI zone, Networks: Any?

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support

  • Hi,

    Thanks for your suggestion.

    As I mentioned earlier, I already did that.

    I also created a specific service on the FW for the Netatmo-lcomm service communicating over port 25052, as the attached picture shows. Netatmo support said it's a "Bonjour" service used to communicate between cameras.

  • Hello,

    Thanks for these details. Could you try to create a linked NAT rule for this specific firewall rule and MASQ it, under Rules and Policies > NAT, and see if this would help solve the issue?

    If none of the suggested steps above worked, I may recommend you to open a support case to have this further investigated. Then kindly share with us the caseID.

    Many thanks for your time and patience and thank you for choosing Sophos.

    Regards,

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support