Not Pingable Same Subnet

FXE
Comes here often

Not Pingable Same Subnet

Hi Guys,

I have an MX firewall acting as the gateway and traffic filtering for my wired and wireless LAN.

In my ACL, I just restrict communication between my guest and my corp WLANs and others are all allowed.

I noticed that I cannot ping the other endpoints under the same VLAN. 

I would like to ask why? Is it by Meraki design? Because i really did not configured any ACLs and I allow the ACL in the wireless. Thank you.

10 Replies 10
ww
Kind of a big deal
Kind of a big deal

Are you certain  the clients itself accept icmp? Is l2 isolation on the APdisabled and L3 local lan allowed?

FXE
Comes here often

Hi @ww , yes it is accepting and I tried also to disable the host firewall just to make sure. also, L2 isolation and L3 local lan are disabled and allowed respectively.

OVERKILL
Building a reputation

Can you ping wired to wired? And as @ww noted, be sure the clients are allowing ICMP responses, Windows 10 blocks them by default. 

BlakeRichardson
Kind of a big deal
Kind of a big deal

Windows have blocked ping by default for as long as I can remember. Is the client connected to the same access point? as mentioned L2 isolation might be blocking this traffic. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
OVERKILL
Building a reputation

Yeah, think that started with XP, but server OS's typically won't block it (depending on the configuration). 

FXE
Comes here often

I tried disabling the host firewall but still having the same issue. L2 isolation is also disabled.

PhilipDAth
Kind of a big deal
Kind of a big deal

I'm not clear what the scenario is.

 

Are you saying someone attached to the corporate WiFi is unable to ping something else attached to the same corporate WiFi?

 

Is "Deny local LAN" enabled?

https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/'Deny_Local_LAN'_settings_in_Cisco_... 

FXE
Comes here often

hi @PhilipDAth , basically in any of my wireless LAN, I connected 2x devices which means those should be under the same subnet and it should be able to communicate to each other however, in my case I am not able to ping each other.

 

host firewall has been disabled, L2 isolation is disabled, and L3 local LAN is set to allow.

PhilipDAth
Kind of a big deal
Kind of a big deal

Is the SSID in bridge mode?  This will be a requirement.

FXE
Comes here often

Hi @PhilipDAth , yes it is currently in bridge mode.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels