You are not logged in.

#1 2019-06-11 14:38:15

linbaato
Member
Registered: 2019-06-11
Posts: 5

[SOLVED] Can only access router and internet, but no computers in LAN

Hello,
I cannot reach any computers in my network. I have no problems accessing the internet and pinging google for example.
Pinging and accessing (fritzbox-webinterface) the router (192.168.0.1) also works.

Other computers (my smartphone and a different notebook (running windows) than the one I am having the problem with) can ping&access the other devices without problem. I cannot ping, ssh or connect to a mqtt-broker in my local network. BUT only from this device running arch linux. And ONLY when connected via WLAN. Over LAN everything works. I have tried forcing 2.4GHz instead of the 5GHz (since all other devices are either LAN or 2.4GHz) and I am also running iwd now instead of wpa_supplicant. The problem remains. The weird part is I had instances of a few seconds where suddenly I could connect to the MQTT or ping some device. But the connection breaks immediately (no data is incoming anymore) and a reconnect is not possible.

I have set (what I think is) the default firewall to allow everything via iptables:
Output of # sudo iptables -S

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

Wireshark shows the ping packet as follows: (I am 192.168.0.148 and as Wireshark says there is no response)

28671	3074.623693051	192.168.0.148	192.168.0.63	ICMP	98	Echo (ping) request  id=0x28e9, seq=2/512, ttl=64 (no response found!)

The ss command shows the following while trying to connect to the mqtt broker:

SYN-SENT    0       1        [::ffff:192.168.0.148]:41886    [::ffff:192.168.0.63]:mqtt            
SYN-SENT    0       1        [::ffff:192.168.0.148]:47754    [::ffff:192.168.0.63]:idmaps          
SYN-SENT    0       1        [::ffff:192.168.0.148]:39118    [::ffff:192.168.0.63]:vrtstrapserver

I could not find a similar problem anywhere other than here: https://bbs.archlinux.org/viewtopic.php?id=242898
But as I do not have any firewall active (as far as I know) that post did not seem relevant to me. (Or I did not understand the solution?)

Thank you in advance for all help!

Last edited by linbaato (2019-06-12 15:28:29)

Offline

#2 2019-06-11 15:55:12

seth
Member
Registered: 2012-09-03
Posts: 49,951

Re: [SOLVED] Can only access router and internet, but no computers in LAN

Smells like the router keeps the AP and the LAN apart. The fritzbox apparently has a setting for that in WLAN/Security (to allow devices to communicate to each other, sorry I only found german references)

Online

#3 2019-06-11 16:09:10

linbaato
Member
Registered: 2019-06-11
Posts: 5

Re: [SOLVED] Can only access router and internet, but no computers in LAN

I'm german so that would be no problem big_smile

Interestingly I really can ping other devices that are connected via WLAN. Before I somehow only tested to ping the LAN connected ones. But with my phone (via WLAN of course) I can ping LAN and WLAN connected devices. And I also have tested other notebooks that could do this.

I checked the Fritzbox 7390 again and could not find any configuration specific to my device. Also I checked the Security tab (and others) and only found a checkbox that seemed a little relevant:
"Die unten angezeigten aktiven WLAN-Geräte dürfen untereinander kommunizieren" = "The active WLAN devices shown below are allowed to communicate with each other"
But that checkbox is already checked.

Edit:
I am a little step closer thanks to you seth wink
But how come the separation of WLAN and LAN only occurs to me?

Last edited by linbaato (2019-06-11 16:10:39)

Offline

#4 2019-06-11 16:58:05

seth
Member
Registered: 2012-09-03
Posts: 49,951

Re: [SOLVED] Can only access router and internet, but no computers in LAN

Yeah, that's the AP isolation setting and they're apparently not isolated.
Are ethernet and wlan the same subnet (ie. are the first 3 IP blocks the same)?

Online

#5 2019-06-11 17:16:44

linbaato
Member
Registered: 2019-06-11
Posts: 5

Re: [SOLVED] Can only access router and internet, but no computers in LAN

Yes, both LAN and WLAN devices are in the 192.168.0.x subnet with a subnetmask of /24

Last edited by linbaato (2019-06-11 17:17:11)

Offline

#6 2019-06-11 20:52:17

seth
Member
Registered: 2012-09-03
Posts: 49,951

Re: [SOLVED] Can only access router and internet, but no computers in LAN

To summarize: all WLAN devices can contact eech other, all LAN devices can contact each other, all (?) LAN devices can contact all (?) WLAN devices and all WLAN devices except for the archbox can contat all LAN devices?
As for the caveats: did you try to contact the archbox/WLAN from other LAN devices?

How do you configure the network on the archbox? Networkmanager? Do you allow it to spoof the MAC? Do you use a static IP setup? Do you share/re-use the IP between LAN and WLAN?

Online

#7 2019-06-11 22:16:36

linbaato
Member
Registered: 2019-06-11
Posts: 5

Re: [SOLVED] Can only access router and internet, but no computers in LAN

Ah yeah, I forgot: I tried reaching my archbox from another WLAN device and that did not work (if I remember correctly). Tomorrow I will try this again from a WLAN and a LAN device. But I suspect it will fail in both cases. And that would make your summary correct in all cases.

When I began troubleshooting this problem I configured the network via wpa_supplicant and NetworkManager and did switch out both to iwd and ConnMan.

I have never worked with MAC spoofing so I would assume no.

I normally use DHCP but I had changed to static for a while in hope it would change anything. I am back to DHCP right now and the given IP,DNS,etc look fine.

When I used a static IP address I made sure it was not used by looking into the FritzBox. I used the one I got from DHCP and a manually chosen one. Both worked when setting it to the LAN adapter but not with the WLAN adapter.

I will post the results tomorrow.

Last edited by linbaato (2019-06-12 12:36:10)

Offline

#8 2019-06-12 12:35:56

linbaato
Member
Registered: 2019-06-11
Posts: 5

Re: [SOLVED] Can only access router and internet, but no computers in LAN

It seems that I could solve the problem!

First: I tried pinging my notebook again from WLAN and LAN device and it did work from the WLAN device but not from the LAN device. Weirdly I was quite sure I tested from a WLAN device before and it did not work...

Since you mentioned the MAC spoofing I tried just that and it worked! Thank you a lot seth!
I just followed the arch tutorial on how to change the mac with iproute2 and changed one hex-digit. I also changed back to see if the problem would arise again and it did so I now changed it to the new one again.

Offline

#9 2019-06-12 13:02:44

seth
Member
Registered: 2012-09-03
Posts: 49,951

Re: [SOLVED] Can only access router and internet, but no computers in LAN

Cool. Usually this means that there's a MAC filter in the router (poor man's protection against script kiddies) but that would not get you WAN access either. *shrug*

Please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

Online

Board footer

Powered by FluxBB