AP + STA mode - can't communicate between clients
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
AP + STA mode - can't communicate between clients
VoCore 2 is running in AP + STA mode. Connect to it with 2 clients. Both get DHCP addresses. Both can access internet. Tried SSH'ing from one client to the other - no connection. Tried pinging - no cigar. What to do?
- Vonger
- Posts: 898
- Joined: Sun Oct 19, 2014 6:00 am
Re: AP + STA mode - can't communicate between clients
check firewall, allow forward mode
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
Re: AP + STA mode - can't communicate between clients
How can I tell if it's enabled? Here is my firewall config:
- Code: Select all
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood='1'
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].network='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].network='wan' 'wan6' 'wwan'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].input='ACCEPT'
firewall.@zone[1].forward='ACCEPT'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].src_ip='fe80::/10'
firewall.@rule[3].src_port='547'
firewall.@rule[3].dest_ip='fe80::/10'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@rule[7]=rule
firewall.@rule[7].src='wan'
firewall.@rule[7].dest='lan'
firewall.@rule[7].proto='esp'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[8]=rule
firewall.@rule[8].src='wan'
firewall.@rule[8].dest='lan'
firewall.@rule[8].dest_port='500'
firewall.@rule[8].proto='udp'
firewall.@rule[8].target='ACCEPT'
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
Re: AP + STA mode - can't communicate between clients
My wireless configuration is:
Both clients connect to VoCore on the same 'internal' wifi. Both get DHCP in the same range 192.168.61.X. So, they should both be in the same 'lan' zone. No forwarding should be necessary if I understand it correctly.
- Code: Select all
wireless.ap.device='radio0'
wireless.ap.mode='ap'
wireless.ap.network='lan'
wireless.ap.ifname='ra0'
wireless.ap.ssid='internal'
wireless.ap.key='password'
wireless.ap.encryption='psk'
Both clients connect to VoCore on the same 'internal' wifi. Both get DHCP in the same range 192.168.61.X. So, they should both be in the same 'lan' zone. No forwarding should be necessary if I understand it correctly.
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
Re: AP + STA mode - can't communicate between clients
Updated to firmware 20180723V.bin and it's still not working
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
Re: AP + STA mode - can't communicate between clients
Tried adding forwarding to the firewall:
lan -> lan
wan -> lan
(lan -> wan is already enabled)
Hairpinning is also enabled:
lan -> lan
wan -> lan
(lan -> wan is already enabled)
Hairpinning is also enabled:
- Code: Select all
root@OpenWrt:~# cat /sys/devices/virtual/net/br-lan/lower_ra0/brport/hairpin_mode
1
root@OpenWrt:~# cat /sys/devices/virtual/net/br-lan/lower_ra0/brport/multicast_to_unicast
1
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
Re: AP + STA mode - can't communicate between clients
Nobody else has this problem? Vonger, you there?
- dimitry
- Posts: 16
- Joined: Thu Sep 07, 2017 7:57 pm
Re: AP + STA mode - can't communicate between clients
Hi Vonger, Could you please provide further directions? I don't know what to do at this point. Thank you.
- Vonger
- Posts: 898
- Joined: Sun Oct 19, 2014 6:00 am
Re: AP + STA mode - can't communicate between clients
I have no idea now, this should be simple...
If all you device can access VoCore2, the only problem block them communicate each other is firewall.
Try to change every REJECT to ACCEPT
If all you device can access VoCore2, the only problem block them communicate each other is firewall.
Try to change every REJECT to ACCEPT
9 posts
Page 1 of 1
Who is online
Users browsing this forum: No registered users and 18 guests