Wireless Access

Hello everyone,

I have a problem with my firewall, a Sonicwall NSA 3600.
It seems that it doesn't allow wireless clients, roaming to another AP, to connect to the Internet.
I use my only two AP-135 as campus access points, they are connected to a controller 620. The controller is connected to a powerconnect 7048 switch and the switch to the sonicwall.
If a wireless client doesn't try to roam to another AP, it is able to connect to the internet and to our local network. If is roaming, it loses its internet connection even though it is still able to ping the switch and local servers.
The sonicwall's log doesn't show that it denies packets from wireless clients and I don't undersant how it can be aware of the roaming

Maybe someby had a similar problem with a Sonicwall or another firewall brand.

Architecture:

INTERNET
|
NSA3600
|
Powerconnect7048
|
Controller Aruba W-620
|                   \
AP1            AP2

Thank you for your help.

Sorry, I am not fully proficient in English and I am not sure to understand what you ask.

The client is in a VLAN and its gateway is on the powerconnect layer 3 switch.
There is a trunk link between the powerconnect and the controller because I have two WLAN (guest and corporate).
Finally, the powerconnect has a default route to forward all the traffic to the Sonicwall

This sounds very strange.

How long have you had the equipment live? And has this happened from the very start of use?

There's no "normal" reason for this. You could post your entire controller config which might help spot anything important/relevant?

When you see the issue, does the client still have an ARP entry for the Sonicwall (which I assume acts as the user's default gateway)?

As an extension to the last question, does the issue affect ALL types of traffic destined to the internet? Like HTTP, ICMP and FTP?

Just saw you last post, so ignore my ARP question.

You could post your config. That will help check some things.