Before migrating to Meraki switch (MS120) and access points (MR36), the PC which acts as Time and Attendance Server (IP- 192.168.2.250) can ping the Biometric device (192.168.2.10). They are in the same VLAN.
After replacing the switch and AP, said biometric is no longer accessible. Other hosts in same subnet are pingable from said server, only this biometric device is not. I made sure the IP,SM,GW are correct. We're using Palo Alto firewall and again, no changes made in the firewall or network aside from replacing the switch and AP.
DHCP comes from the firewall.
Anything I need to look?
MS Switch Firmware 16.6.1
MR AP- Firmware 30.5
Solved! Go to solution.
Can you check the MR firewall settings.
Is L2 isolation disabled? Are there no deny rules?
hello, i just changed the status to Allow and still not pingable.
Did you set that on the correct ssid ?
Any acl on the switch maybe?
Port isolation is disabled on the switch ports?
If both devices are in the same vlan and ip range they should be able to ping eachother ( if the client itself allows te be pinged) if above mentioned setting allow them
Thanks for reply.
Yes, the rule applied to correct SSID
ACL in switch has policy "Allow" all Any
Port isolation is "Disabled"
Biometric has static IP and is connected to WiFi
PC is connected over wired (DHCP client)
Have you checked VLAN settings for both ports? Can the MS see the biometric device attached to the port? It should be listed under the Current Clients information.
Thanks for reply.
Biometric has static IP and is connected to WiFi
PC is connected over wired (DHCP client) to switch
Only the biometric is visible in Current clients table.
The troubleshooting so far indicates to me the issue is with the biometric device.
Does the biometric device attach via WiFi?
Because you have replaced your switching, every device would have had to get a DHCP address again. Is there any chance you have an IP conflict? If your biometric device has a static IP address (is this the case?) - is this address excluded from DHCP?
Thanks for your reply.
The biometric is connected over Wifi while the PC is wired. Biometric has static IP settings in the device
Under Wireless/Access Control, have you got Mandatory DHCP disabled?
You nailed it! Wow! It is now responding to the ping.
What's the effect basically in disabling this?
Enabled: Wireless clients associated to an AP (either new associations or clients that roamed from another AP) that have not requested a DHCP address are placed in a blocked state and are not able to send any traffic on LAN and WAN.