Hello Guys,
I noticed that setting the Meraki Cloud Authentication I cannot ping my LAN IP. Please how can I resolve this issue?
Solved! Go to solution.
Sure, if you disable Layer 2 LAN isolation then it should work as you expect it. You currently have it enabled.
Have you tried allowing communication with the LAN in the SSID firewall settings?
https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/MR_Firewall_Rules
Yes I did
If you are trying to ping a Windows machine it is probably the machine's local firewall denying it. Try disabling this.
If the rest is working there is nothing to worry about, ping is not a reliable test.
Am pinging the gateway and static IP of the switches connected to the MS120, but I can't Ping them. If I disconnect from the Meraki Cloud Authentication, I noticed I can ping all the LAN IP
Is the problem just the ping? Is the rest working?
The devices are working but I can't connect to it like the Sophos firewall, cisco catalysis switches, Synology. I cannot log to the devices to manage them.
So you have a firewall, have you checked to see if your firewall isn't blocking something?
I'll be very honest that this doesn't seem to me to be related to authentication itself, but something on your local network. It would be interesting to validate whether the mask and gateway are correct when you receive the IP.
If the problem persists, I suggest you open a support case.
Are you dropping the users into the correct VLAN?
Yes
If you temporarily turn off authentication (or make it PSK) does the same issue happen?
I'm with @alemabrahao - I don't think this is an authentication issue.
If I make it just psk I will be able to ping and login to the devices on the network
Can you please show a diagram of how the network is configured, are the wifi client and firewall / synology etc all on the same subnet or over there on different subnets and you are routing via a switch or firewall?
Without knowing how traffic is supposed to flow its difficult to provide help but I agree with @alemabrahao the authentication type is unlikely to be the issue
Thank you for the response. Please see the rough diagram below as requested.
From the below. The SSID with OfficeWifi_M, I can ping all the IP and login to them without issue. For the SSID with Office-Wifi, I cannot ping or login to the devices on the network.
Can you verify that in the Office-Wifi Firewall & traffic shaping you do not have Layer 2 LAN Isolation?
Layer 2 LAN isolation only allows traffic to the default gateway MAC address hence it will disable connectivity to any other devices on the wired LAN if they are in that same VLAN.
See the setting configured
Sure, if you disable Layer 2 LAN isolation then it should work as you expect it. You currently have it enabled.
Thank you. Solved