This discussion has been locked.

Wireless clients cannot communicate if connected to different APs

Hello

I have some APs connected to my SG230. The Wi-Fi network is configured as "Bridge to AP LAN". A strange behaviour occurs:

- If client A and client B are connected to the same access point, they can communicate with each other; they are pingable.

- If client A and client B are connected to different access points, they cannot communicate; they are not visible via ping.

- If client C is connected via a wired connection, it can ping both client A and client B.

The issue is not dependent on AP model...

Any ideas?

Thanks!



  • Can you post screenshots of your Wireless Protection setup?

    Is each client connecting to the same SSID? Do you have a guest network and internal network set up or is it all just one single connection?

    Are these even Sophos APs, or third-party ones?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hello,

    they are connected to the same SSID, these are the settings:

    Client Traffic: Bridge to AP LAN

    Frequency band: 2.4 and 5 GHz

    Client isolation: Disabled

    Hide SSID: No

    U-APSD: Disabled

    Fast Transition: Disabled

    MAC Filtering type: None

    Thanks

  • Hi,

    I bet if you look in the firewall log, you will see blocks. Try a rule like 'Internal (Network) -> Any -> Internal (Network) : Allow'. Any luck?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob!

    No, unlucky :)

    I see no packets dropped in the firewall log. Why do you think the issue could be caused by a rule? Client A and Client B are connected to the same WiFi network, their IP addresses don't change when they are connected to different APs...

  • It was a guess, but if there are no dropped packets, then, you're right, a firewall rule wouldn't be a workaround.

    What about the wireless and IPS logs?

    Cheers - Bob

     
  • Hello, I have the same issue. My customer has a printer and a notebook which are both connected to the same wireless network.

    The wireless network is a separate zone with client isolation deactivated.

    If both devices are connected to the same access point, they can connect to each other, but if they are connected to different access points they can't even ping each other.

    Is there a solution for this problem, or is it intended? My customer is calling me every day because he can't print from his notebook.

  • Hello Markus and welcome to the UTM Community!

    Did you try a firewall rule like 'Wireless (Network) -> Any -> Wireless (Network) : Allow'?

    Cheers - Bob

     
  • Hello,

    Today I repeated the test, but the issue did not occur anymore. I did not change anything on the UTM, but I replaced the antivirus.

    May I ask you which antivirus you have installed on the client? Have you tried to disable the firewall on the machines?

  • Hello eclipse79,

    I'm using Panda Adaptive Defense 360, and the Windows Firewall on the client allows all traffic.

    In my setup I have all the access points in a separate network on (eth2) which is only for the access points, but 1 access point is connected through eth0. Could there be a problem when the access points are not on the same physical interface but have the same wireless networks?