Cannot ssh to wifi connected devices on LAN

[chrisb]

My WiFi devices all connect to the internet OK.  Whilst I can ping WiFi connected devices, on the LAN I cannot access them using ssh, http, https, etc.  When the same devices are connected via ethernet, I can access them fine from other ethernet connected devices.  It seems to me there must be a firewall rule blocking them.

WiFi -> WiFi    - ping OK,  TCP connections timeout

WiFi -> Ethernet    - ping OK,  TCP connections timeout

Ethernet -> WiFi   - ping OK,  TCP connections timeout 

Ethernet -> Ethernet    - ping OK,  TCP connections OK

I have tried all permutations of the WiFi setup and Advanced WiFi settings, to no avail.

I accessed the XR500 using its telnet port.  I see its running OpenWRT.  I took a look at the iptables rules but don't see anything obviously blocking wifi services, and note that these systems are using netfilter, not sure how to configure and I don't want to brick my router.

Did this work on a previous firmware?  I'm running V2.3.2.56.

Is there another OS I could install on the XR500 that works as a router should?

I work with IoT devices, many of which only have a WiFi interface, so its essential I get this working.

I raised two tickets with Netgear, the first response was irrelevant, useless advice telling me to change my DNS to google, the second got no response.  Hopefully someone here is more knowledgeable.

[Netduma Fraser]

Hey, welcome to the forum!

I'm also certain this is an issue that needs to be fixed, it seems to have trouble making connections to devices that use a different connection method. For WiFi were they both on 2.4 or 5GHz or one on each? I don't think this is a DumaOS issue so is one for Netgear, however, try disabling QoS fully from the Anti-Bufferbloat menu. Also in WAN Settings toggle IGMP Proxying - maybe it's seeing it as WAN traffic for some reason. Also in that section make sure respond to ping is on although it should be by default.

[chrisb]

Hi, Thanks for getting back to me.  I have tried just running 2.4G radio, 5G and both, always the same.  I have Anti-Bufferbloat set to Never, makes not difference.  I toggled the IGMP Proxy, tried when disabled and enabled, still times out.  I'm sure the packets are being delayed, as once or twice I've been prompted to accept the remote host's keys, but then times out before I get a log in prompt.  That tells me the packets are making it through iptables.   I also tried creating traffic prioritization rules for affected ports, and that makes no difference.

I have also tried it with and without all combinations of WMM,  MU-MIMO and HT160 and again, these make no difference.

Is there a way to turn on more detailed logging?

I've found that udp routes as expected, the problem is with tcp:

cmb@lorikeet:~/Downloads> traceroute -p 53 -P udp 192.168.32.41
traceroute to 192.168.32.41 (192.168.32.41), 64 hops max, 52 byte packets
 1  192.168.32.41 (192.168.32.41)  10.101 ms  2.785 ms  2.229 ms

cmb@lorikeet:~/Downloads> traceroute -p 80 -P tcp 192.168.32.41
traceroute to 192.168.32.41 (192.168.32.41), 64 hops max, 64 byte packets
 1  * * *
 2  * * *
^C

It seems tcp packets are delayed, as occasionally, it will connect after 30 seconds or more, but then times out waiting for a password.  I have to get this fixed.  I have a wifi printer, cameras and IoT devices I need to access for my work.  Is there a config file I can edit?  Does this functionality work in your beta release?

[Netduma Fraser]

There is no way via the interface but you may be able to do so using telnet. Could you try setting up and using the guest network and enable allow guests to see each other and the local network and see if that works please? No one has encountered this in the beta so far so is hard to say.

[chrisb]

I enabled the guest wifi and checked the box to allow guests to see each other and access my local network.

On the guest WiFi, I can ssh to another device on the guest WiFi, so TCP is available on the guest WiFi.

There is no access from the guest WiFi to my local LAN using TCP protocols.  It seems to timeout.

Devices, whether wired or WiFi cannot access devices on the guest WiFi using TCP protocols because it times out.

 

[Netduma Fraser]

Okay that's annoying, thanks for trying. I don't think there is anything else I can suggest at the moment as it's likely a bug. I'd advise you sign up for DumaOS 3.0 as hopefully it's resolved there but if not then it provides a good feedback opportunity. Also make a ticket with Netgear, as it's their hardware they may have some more ideas.

[chrisb]

I solved my problem by installing openwrt on my router.  It does all the standard things a router is supposed to do.  Irrespective of the ubeaut gaming features, I suggest regression testing all the basic features expected in a router, including the operation of tcp protocols on the wifi network.