This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Client-Isolation across Accesspoints?

Hello, 

 

we are using 9 Sophos Access-Points accross our company. For the Main-Wifi-Network the Client isolation is disabled. 

However, we are facing the issue, that Clients that are connected to DIFFERENT AccessPoints can't access each other. 
If both Clients are connected to the same AccessPoint, everything works fine. 

(When connected to different accesspoints, another client being connected (wired) can access both, and both can access the

wired client) 

Seems to be some "Client-Isolation", but only when connected to different AccessPoints? 

Any Idea, which configuration setting to check? 

 

(UTM 9.510-5 )



This thread was automatically locked due to age.
Parents
  • Hello,

    i have the same problem.

    I use the AP in Bridge to LAN Modus.

    Is there a solution to fix the problem?

    Thanks a lot.

  • Markus said:

    Hello,

    i have the same problem.

    I use the AP in Bridge to LAN Modus.

    Is there a solution to fix the problem?

    Thanks a lot.

    Hey there, 

    for us the issue was, that clients that connect through different APs (and different Bands, i.e. 2.4 and 5 GhZ) can't see each other. (Even if we have disabled client isolation at all)
    If both are on different Accesspoints, but the SAME band, everthing is fine. (i.e. 2.4 to 2.4 and 5 to 5 is fine)

    this suggestion over here however seems to describe the problem the other way round: 
    https://ideas.sophos.com/forums/17359-sg-utm/suggestions/34011193-client-isolation-between-clients-connected-to-same

    They have client isolation NOT working between different bands, only works on the same band. 

    So, guess there is at least something strange with how that feature is supposed to work and how it really works. 

  • hey,

    I switch the band to 2,4Ghz but still the same problem.

    no connection to the other clients. :-(

  • Hallo Markus and welcome to the UTM Community!

    Are you certain that you don't have 'Client isolation' enabled in the 'Advanced' section of the Wireless Network definition?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Bob,

    Thank you for the welcome.

    Yes, i do Double Check.

    Is disabled.

    It works if I connected with my phone on the same AP as the client. Ping and all are fine.

    If I connect to a different AP nothing work.

    Other client is not pingeble.

    Best regards

    Markus

  • Hey,

    It’s me again.

    I set the client isolation to enable -> save.

    Than back to disable-> save.

    Now it seems to work.

    Client connected to different AP are possible to ping.

    I will observe the next Day an we will see.

  • This feels like a bug, Markus.  Have your reseller open a case with Sophos Support and let us know what they say.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • It works for the first time.

    If I connect again to the same AP and when back to a different it’s doesn’t work.

    Enable -> disable client isolation it works again.

    I run at home the home license. So I don’t have a reseller to connect.

    Any other way to make a case by Sophos?

Reply
  • It works for the first time.

    If I connect again to the same AP and when back to a different it’s doesn’t work.

    Enable -> disable client isolation it works again.

    I run at home the home license. So I don’t have a reseller to connect.

    Any other way to make a case by Sophos?

Children