What is the default gateway set to on “My Desktop” and “Laptop”?
1 Like
I would try to ping desktop from ESP if you have some shell access. It may populate arp table. I’ve had some random hiccups, when device wouldn’t answer until i pinged from it.
Also make sure that you don’t connect that ESP over VLAN, but i’m not sure if that’s even possible with ESP wifi card and those two devices in the middle.
Also this wifi router may have some weird separation enabled, but it would affect laptop too, unless some ip ranges are specified. I’m assuming you turned DHCPD off on this router.
10.0.0.1, as expected
There’s no easy way to do this (without writing C code and flashing firmware to the device)
It uses VLANs for some other WiFi networks (like Guest network) but those are on a different subnet (see previous post).
Yes, it’s not a router but an access point, I don’t think it even has DHCP functionality.
Have you tried scanning 10.0.0.146 with nmap -Pn 10.0.0.146 or anything?
Obviously the server should not be communicating with devices outside it’s subnet, but as it is connecting for ping, maybe see if port 22, 80 or 443 is open, and knock on the web doors, or ssh if available?
I really thought the server’s net mask of 24 should block connections to another subnet, and also would have suggested to lower the net mask to /16 or /8 while trying stuff out on the desktop. But as you can connect from the server, best started there?
That’s what you assuming, but in my experience usually assumption leads to inexplicable behavior. Shortly after it usually leads to facepalm 
I.E. Behavior you describe seems to me perfectly normal IF server 10.0.0.1 gives 10.0.0.146 over VLAN.
AFAIR VLAN tag prevents communication to network without that VLAN tag, even if its in the same subnet. But I haven’t read RFC for few years so I can remember wrong.
Anyway I would remove all VLANs and leave only one subnet with DHCP, and then check if all devices ping each other. Also i would use proper /24 network (192.168.x.0/24). I’ve read somewhere that there are devices that wont work properly if you try to force classless subnets like 10.0.0.0/24. But it was while ago so I don’t remember source, and its rather historical oddity.
Still, when troubleshooting remove all possible variables you can.
Can the desktop ping the laptop? Either way, it’s not a PfSense issue.
Is the WiFi device setup to respond to ping?
I got some more machines to try to reproduce the issue, I connected a phone with an IP webcam stream (over HTTP). I was able to watch this on another phone just fine, but it was unreachable from a third Windows machine. Same “undefined” in the arp table. This happened both when the windows machine was connected via wifi and ethernet.
It’s not just pinging, it’s all traffic (because for some reason arp is not working to some devices on this network)
On desktop:
$ curl 10.0.0.146
curl: (7) Failed to connect to 10.0.0.146 port 80: No route to host
On server:
$ curl 10.0.0.146
<!DOCTYPE html><html lang=\“en\“ class=""><head><meta charset='utf-8'><meta name="viewport" content="width=device-width,
etc.
Solved: Apparently I had “Block LAN to WLAN Multicast and Broadcast Data” enabled on the unifi AP. They say it is “recommended to block unless it is absolutely needed”, but I’d say having working ARP between devices other than the router is pretty essential in most cases…
The router somehow builds its own arp table without broadcasts, so that’s why it worked. Also, when WiFi devices first pings an ethernet device, the ethernet device can now ping back. That explains why it sometimes worked for some devices.
Thanks everyone for the help, at least I’ve learned something…
1 Like