Hi,
I have home-network without VLANs. There are some SOHO Switches and some acceesspoints. I'm not sure if this is an instant controller - but I'm sure it's called virtual controller and one of the accesspoints always act as controller.
Now I have problems to access devices via Intra SSID traffic. This should mean that there are two wireless devices connected to the same SSID. I can browse the internet (so they are successully connected) but I'm not able to print on my samsung C480FW (also connected to the wireless network).
This is my simple config:
version 8.3.0.0-8.3.0
syslocation Virtual
virtual-controller-country AT
virtual-controller-key XXX
name blablabla
virtual-controller-ip 192.168.1.250
terminal-access
ntp-server at.pool.ntp.org
clock timezone Vienna 01 00
rf-band all
allow-new-aps
allowed-ap 24:f2:7f:XX:XX:XX
allowed-ap 24:f2:7f:XX:XX:XX
allowed-ap 24:f2:7f:XX:XX:XX
allowed-ap 24:f2:7f:XX:XX:XX
allowed-ap 44:48:c1:XX:XX:XX
arm
wide-bands 5ghz
80mhz-support
min-tx-power 18
max-tx-power 127
band-steering-mode prefer-5ghz
air-time-fairness-mode default-access
client-aware
scanning
syslog-level warn ap-debug
syslog-level warn network
syslog-level warn security
syslog-level warn system
syslog-level warn user
syslog-level warn user-debug
syslog-level warn wireless
extended-ssid
hash-mgmt-password
hash-mgmt-user admin password hash XXX
time-range Kids7-21 periodic daily 07:00 to 21:00
wlan access-rule HomeNet
index 0
rule any any match any any any permit
wlan access-rule default_wired_port_profile
index 1
rule any any match any any any permit
wlan access-rule wired-SetMeUp
index 2
rule masterip 0.0.0.0 match tcp 80 80 permit
rule masterip 0.0.0.0 match tcp 4343 4343 permit
rule any any match udp 67 68 permit
rule any any match udp 53 53 permit
wlan access-rule Kids
index 3
rule any any match any any any permit
wlan ssid-profile HomeNet
enable
index 0
type employee
essid HomeNet
wpa-passphrase xxx
opmode wpa2-psk-aes
max-authentication-failures 0
rf-band all
captive-portal disable
dtim-period 1
broadcast-filter none
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
wlan ssid-profile Kids
enable
time-range Kids7-21 enable
index 1
type employee
essid Kids
wpa-passphrase xxx
opmode wpa2-psk-aes
max-authentication-failures 0
rf-band all
captive-portal disable
dtim-period 1
broadcast-filter arp
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
auth-survivability cache-time-out 24
wlan external-captive-portal
server localhost
port 80
url "/"
auth-text "Authenticated"
auto-whitelist-disable
https
blacklist-time 3600
auth-failure-blacklist-time 3600
ids
wireless-containment none
wired-port-profile wired-SetMeUp
switchport-mode access
allowed-vlan all
native-vlan guest
no shutdown
access-rule-name wired-SetMeUp
speed auto
duplex auto
no poe
type guest
captive-portal disable
no dot1x
wired-port-profile default_wired_port_profile
switchport-mode trunk
allowed-vlan all
native-vlan 1
shutdown
access-rule-name default_wired_port_profile
speed auto
duplex full
no poe
type employee
captive-portal disable
no dot1x
enet0-port-profile default_wired_port_profile
uplink
preemption
enforce none
failover-internet-pkt-lost-cnt 10
failover-internet-pkt-send-freq 30
failover-vpn-timeout 180
airgroup
enable
multi-swarm
enable-guest-multicast
airgroupservice airplay
enable
description AirPlay
airgroupservice airprint
enable
description AirPrint
airgroupservice Sonos
enable
id urn:schemas-upnp-org:service:GroupRenderingControl:1
id urn:schemas-sonos-com:service:Queue:1
id urn:schemas-upnp-org:service:AVTransport:1
id urn:schemas-upnp-org:service:RenderingControl:1
id urn:schemas-tencent-com:service:QPlay:1
id urn:schemas-upnp-org:service:GroupManagement:1
id urn:schemas-upnp-org:service:ZoneGroupTopology:1
id urn:schemas-upnp-org:service:DeviceProperties:1
id urn:schemas-upnp-org:service:MusicServices:1
id urn:schemas-upnp-org:service:AlarmClock:1
id urn:schemas-upnp-org:device:ZonePlayer:1
id urn:schemas-upnp-org:service:SystemProperties:1
id urn:schemas-upnp-org:service:ContentDirectory:1
id urn:schemas-upnp-org:service:ConnectionManager:1
id urn:smartspeaker-audio:service:SpeakerGroup:1
id urn:schemas-upnp-org:service:AudioIn:1
id urn:schemas-upnp-org:device:EmbeddedNetDevice:1
id urn:schemas-upnp-org:service:EmbeddedNetDeviceControl:1
id urn:schemas-upnp-org:service:HTControl:1
id urn:schemas-upnp-org:service:VirtualLineIn:1
airgroupservice itunes
enable
airgroupservice AmazonTV
enable
airgroupservice "DLNA Media"
enable
airgroupservice "DLNA Print"
enable
airgroupservice DIAL
enable
airgroupservice allowall
enable
cluster-security
allow-low-assurance-devices
The printer has a fixed IP Address 192.168.1.200.
I can ping, samsung software can find the printer but Windows is not able to print on this printer...
When logging in to VC via console when printing:
XXX# show airgroup blocked-service-id
AirGroup Blocked Service IDs
----------------------------
Origin Service ID #response-hits
------ ---------- --------------
Num Blocked Service-ID:0
XXX# show airgroup blocked-queries
AirGroup dropped Query IDs
--------------------------
Service ID #query-hits Thread Num
---------- ----------- ----------
_homekit._tcp 27 1
_airport._tcp 1 1
Num dropped Query IDs:2
XXX#
What I saw in show airgroup servers verbose is the Rec-dropped on the IP of the printer.
AirGroup Servers
----------------
MAC IP Type Host Name Service VLAN Wired/Wireless Role Group Name AP-Name Rec-dropped Rec-filtered Rec-responded Last-query Query Throttled Resp Throttled CPPM-Req CPPM-Rsp CoA CPPM Dev-Added CPPM Dev-Deleted
--- -- ---- --------- ------- ---- -------------- ---- ----- ---- ------- ----------- ------------ ------------- ---------- --------------- -------------- -------- -------- --- -------------- ----------------
00:11:32:08:c2:96 192.168.1.220 mDNS,DLNA DiskStation DLNA Media 1 wired 2OGBuero 2 0 169 Jul 09 20:48:05 0 0 0 0 0
Sonos
airprint
itunes
sharing
00:0e:58:da:3e:18 192.168.1.16 mDNS,DLNA sonos000E58DA3E18 DLNA Media 1 wired 2OGBuero 0 0 11 Jul 09 20:48:05 0 0 0 0 0
Sonos
allowall
00:0e:58:da:15:f2 192.168.1.12 mDNS,DLNA sonos000E58DA15F2 Sonos 1 wired 2OGBuero 0 0 4 Jul 09 20:47:42 0 0 0 0 0
DLNA Media
allowall
00:0e:58:c7:59:a2 192.168.1.28 mDNS,DLNA sonos000E58C759A2 DLNA Media 1 wired 2OGBuero 0 0 4 Jul 09 20:48:05 0 0 0 0 0
Sonos
allowall
84:25:19:2e:cc:38 192.168.1.200 mDNS,DLNA SEC8425192ECC38 airprint 1 wireless Heimnetz 2OGBuero 60 0 22 Jul 09 20:47:47 0 0 0 0 0
allowall
DLNA Print
4c:ef:c0:7d:13:8d 192.168.1.61 mDNS,DLNA 192-168-1-61 DIAL 1 wireless 24:f2:7f:cf:d3:de 0 0 0 0 0 0 0 0
AmazonTV
00:0e:58:c7:59:a6 192.168.1.32 DLNA DLNA Media 1 wired 2OGBuero 0 0 0 0 0 0 0 0
Sonos
Num Servers: 19.
So back to my original question:
- How to configure this system that EVERYTHING is passed like a 25€ accesspoint?
- I wan't to allow traffic within the SSID and also from and to wired network (I have SOMETIMES some problems with SONOS Audiosystem too)
Can this have todo with:
wired-port-profile default_wired_port_profile
switchport-mode trunk ?????????????
allowed-vlan all
native-vlan 1 ???????????????????
shutdown
access-rule-name default_wired_port_profile
speed auto
duplex full
no poe
type employee
captive-portal disable
no dot1x
So what is "No VLAN" and why is standard switchport-mode trunk?
Thank you very much!
regards
Susan