Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

My SSID works in bridged mode, but my clients are not able to ping my Firewall

Solved
Forrest
Just browsing
‎Jul 27 2020 2:55 AM
‎Jul 27 2020 2:55 AM

My SSID works in bridged mode, but my clients are not able to ping my Firewall

Hi,

I'm trying to connect an internal server on my LAN but in another subnet.

The wireless clients get their addresses in the 192.168.35.0/24 subnet.

The addresses are correctly distributed by a DHCP pool on my firewall.

Unfortunately no wireless client can ping this same firewall, althought they got an address by it.

There is a firewall rule permitting icmp traffic to it. I've tested it with a wired client positioned in the same VLAN as my wireless clients and this works fine.

But if I connect to my SSID (in 192.168.35.0/24 subnet) then I can ping myself and public IP addresses (like Google open DNS 8.8.8.8). I cannot even ping my own gateway (the same firewall)

 

If I try to ping my gateway I always get a response from 10.128.128.128. This should be a Meraki DNS address right?

I don't want this, that's why I work in bridged mode. So why is this happening? If anyone got a clue, I should be very thankful.

0 Kudos
Subscribe
1 Accepted Solution
ConnorL
Meraki Employee
Meraki Employee
‎Jul 27 2020 4:22 AM
‎Jul 27 2020 4:22 AM

Check Wireless > Firewall & Traffic Shaping and set "Wireless clients accessing LAN" to Allow

View solution in original post

Subscribe
4 Replies 4
ConnorL
Meraki Employee
Meraki Employee
‎Jul 27 2020 4:22 AM
‎Jul 27 2020 4:22 AM

Check Wireless > Firewall & Traffic Shaping and set "Wireless clients accessing LAN" to Allow
Subscribe
In response to ConnorL
Forrest
Just browsing
‎Jul 27 2020 5:49 AM
‎Jul 27 2020 5:49 AM

Thank's a lot Connor!!

Completely forgotten there was a rule denying access to the LAN subnet.

0 Kudos
Subscribe
In response to Forrest
ConnorL
Meraki Employee
Meraki Employee
‎Jul 27 2020 5:51 AM
‎Jul 27 2020 5:51 AM

Ah it's easily missed. Plus it defaults to "deny" for only the first SSID of each network, trips me still nearly 2 years since I started at Meraki.
0 Kudos
Subscribe
In response to ConnorL
Giorgio_Grassi
Comes here often
‎Mar 17 2021 3:56 AM
‎Mar 17 2021 3:56 AM

Hi, I have a similar issue, I have an AP MR33 that have 3 SSID, 2 with MEraki DHCP and one another with bridge, the DHCP server is an MX84 firewall.

I use third SSID for the wireless printer shared in the network.

Printer correctly get the IP from the MX, but I cannot ping them from the wireless client on meraki DHCP.

the option Wireless clients accessing LAN is allowed.

what it could be ?

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.