cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can't join domain over WiFi

SOLVED
Here to help

Can't join domain over WiFi

Hi All,

 

I have a network setup where there are 2 VLANs. The servers are on 118 and the clients are on 128. The server ports on the MS120 are set to trunk mode and all the other ports are access on 128. Clients connected directly into the switch work fine. I have a single MR20 that is broadcasting an SSID in bridge mode. I can connect to the WiFi network fine and I am even getting an IP address from the server on VLAN 118 (so DHCP is working). However if I try to ping the server address or the domain name I get:

 

REPLY FROM 10.128.128.128: destination net  unreachable.

 

Any ideas as to how I make the wireless clients communicate with the network properly?

 

The router on this network is an MX84 which relays DHCP requests to the server on VLAN 118.

1 ACCEPTED SOLUTION

Accepted Solutions
Head in the Cloud

Re: Can't join domain over WiFi

Check the wireless firewall rules. Do you have any rules in there?

View solution in original post

8 REPLIES 8
Head in the Cloud

Re: Can't join domain over WiFi

Check the wireless firewall rules. Do you have any rules in there?

View solution in original post

Here to help

Re: Can't join domain over WiFi

SoCalRacer,

 

Thank you that was it, there was a random layer 3 wireless firewall rule blocking access to the local LAN. Must be a default policy because I hadn't set it.

 

Thanks again,

 

Phil

Building a reputation

Re: Can't join domain over WiFi

Are you using a local DHCP server or Meraki DHCP on the SSID?

 

Is the AP connected to a switchport in trunk mode, or access mode?

 

Is VLAN tagging enabled?

Here to help

Re: Can't join domain over WiFi

Hi rbnielsen,

 

DHCP is running on a windows server, the WiFi clients get an IP address from this server fine. I have tried changing the port the AP is connected to in access of trunk mode. I have tried turning VLAN tagging on but I wasn't too sure which VLAN(s) to add to it - should it be the client VLAN, the server VLAN or both?

 

Many thanks,

 

Phil

Highlighted
Building a reputation

Re: Can't join domain over WiFi


@Phil_SCDS wrote:

Hi rbnielsen,

 

DHCP is running on a windows server, the WiFi clients get an IP address from this server fine. I have tried changing the port the AP is connected to in access of trunk mode. I have tried turning VLAN tagging on but I wasn't too sure which VLAN(s) to add to it - should it be the client VLAN, the server VLAN or both?

 

Many thanks,

 

Phil


If you're getting errors from 10.128.128.128, you are still using Meraki DHCP. 

 

You sure it's in Bridge Mode? Did you check the correct SSID?

ssid access.PNG

Kind of a big deal

Re: Can't join domain over WiFi

You are not using bridge mode, because you are getting a response from 10.128.128.128, which is only used in Meraki NAT mode.

Go back and re-check the settings and change the SSID to bridge mode.

Here to help

Re: Can't join domain over WiFi

Hi Philip,

 

It is definitely in bridge mode (see below).
bridge mode.PNG

Kind of a big deal

Re: Can't join domain over WiFi

Are you sure the clients are being dropped into the correct VLAN?

 

Have you got some MR firewall rules enabled, such as disable local LAN access?

https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/'Deny_Local_LAN'_settings_in_Cisco_...

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.