CommScope RUCKUS Community Forums

jo_nas · ‎10-01-2020

Hello gents,

I've bought an older R500 AP and flashed the last released standalone image on it. The AP is connected to an stupid layer2 switch and this one is connected to a physical OPNsense port. On the OPNsense the gateway for the LAN is 192.168.10.1/23 and the AP has the 192.168.10.3 in this case.

After creating the local subnet and the DHCP configuration, the connected client can't reach more than the gateway on the OPNsense, but the Ruckus AP with 192.168.10.3 can reach anything in the WWW without any problems. I also checked the incoming traffic to the FW and you can only see the connection to the gateway from the client but e.g. pinging the google DNS gives me now connection logs on the FW, so it seems, there is no incoming traffic passing it.

I also tried to connect the AP directly to the physical OPNsense port without the switch, but the problem is still there. I flashed also the image new and made a factory reset, nothing changed. The last thing I did was to test, if the client can reach another subnet behind the firewall on another physical ports. So I created a ACL on the firewall and allowed the traffic from 192.168.10.0/23 to 192.168.20.0/24 and the AP had no problem to reach his own gateway and the other subnet too, but the clients still can't reach the other subnet.

At least I do not know what the problem is. It looks like something is not working with the bridge on the Ruckus AP for the forwarding? Anyone experience with such a problem?

Cheers

syamantakomer · ‎10-01-2020

Hi Jo,

Could you share the screenshot of the local subnet from the standalone AP GUI.

If you have a DHCP server on your gateway or in the network, try NOT to create local subnet and see what happens.

Regards,
Syamantak Omer

jo_nas · ‎10-05-2020

Hi,
sorry for the late response.
Attached you can find the configuration settings as screenshots.

I have no DHCP server running on the firewall gateway, the AP is doing the DHCP job. This works fine, I get an IP and everything with that. But there is no connection after the gateway.

Image_ images_messages_5f91c45a135b77e247a3fbcd_2609c307cc571c734881ace12e1476b2_RackMultipart2020100520684cc8y-c4f63777-9350-4cf1-8b38-f6b5dd4c49d5-857259978.PNG1601926782

Image_ images_messages_5f91c45a135b77e247a3fbcd_77a5a6a990e47197504aff43561a29bd_RackMultipart2020100576739tts3-226a4c90-08af-430d-915c-6de449142089-1534712882.PNG1601926762

syamantakomer · ‎10-07-2020

Hi Jo,

I can see that you have configured local DHCP server in the same subnet as AP IP address.

AP IP 192.168.10.3/23 and DHCP IP 192.168.11.1/23 both belongs to same network ID 192.168.10.0/23.

Usable IP host range in this subnet is 192.168.10.1 - 192.168.11.254.

Try to configure a different subnet for local DHCP subnet like 192.168.10.1/24 (255.255.255.0) and check if this fixes the issue.

If it is still not working, please share the screenshots of the updated settings and also share WLAN configuration screenshot which shows the local subnet mapping with the WLAN.

Regards,
Syamantak Omer

jo_nas · ‎10-07-2020

Hi,

I've tested this before. I connected the AP directly to the physical port of the opnsense and configured the subnet with 192.168.20.0/24 and I had the same problem. After the gateway nothing passed the firewall.

But what is the difference if the AP is in the same subnet like the DHCP subnet? At least it doesn't matter or is there something I missed regarding this part?

In the attachment there is the configuration of the Wifi.

Do I've to configure some ACLs for the traffic?

CommScope RUCKUS Community Forums

clients can't reach anything after gateway