I have a 951Ui-2HnD, ROS 6.38.5, acting as a PPPoE Router with some local connected PCs and some devices connected through WiFi. Everything works fine but I have a problem with WiFi I cannot investigate while I cannot find the correct tool (if any) to check what is going on.
Let’s see the significant devices: one Desktop connected through ETH-2; one Android Phone, one Laptop and one ESP connected through Wifi. I noticed the problem in HTTP, but ping is enough to see it! I can ping all the devices form the PC, including the ESP, but from the Android and from the Laptop (WiFi connected) I cannot ping the ESP, while I can ping all the other devices: LAN and WiFi.
Pinging ESP from the Laptop, I get:
From 10.3.50.54 icmp_seq=xx Host Unreachable
arp -a says mdp (10.3.50.21) at on wlp3s0
But, I say again, I can perfectly work with ESP (ping, http, etc.) from the wire connected P.C.: it is connected to WiFi.
When I have this kind of problems, usually, I use a LanWatch (= Sniffer) on a cloned port on the MikroTik but having both devices on the same WiFi I don’t know a MikroTik command - if any - to clone the WiFi traffic on an ETH port or any other tools to see what is going between two WiFi devices. I cannot even see what can be wrong in the configuration, while all the WiFi devices connect and are pingable from the Desktop!
The only tool I found (but I hope I am wrong here!) is:
/log add topics=wireless,debug action=memory (or echo)
But the output is only:
echo: wireless,debug wlan1: 5C:CF:7F:03:8B:FB attempts to associate
echo: wireless,debug wlan1: 5C:CF:7F:03:8B:FB not in local ACL, by default accept
when a device connects. Nothing is logged during a successful ping from the lan-connected desktop!
Tools to trouble shoot are Tools > Torch and Tools > Packet sniffer. Torch temporarily shows what interfaces packets are coming and going.
In the wireless interface there is an option called “Default Forward”. When this is NOT enabled, wifi devices cannot communicate with each other. Is it checked?
From the wifi laptop, ping something that doesn’t reply. Then check your arp tables. On windows type this command: arp -a
Does it list the correct mac for that IP? Or not listed at all?
Tools to trouble shoot are Tools > Torch and Tools > Packet sniffer.
Torch temporarily shows what interfaces packets are coming and going.
Ok, I don’t think torch is very useful in my case and with sniffer I just see:
wlan1 9.366 49 ← CC:3A:61:8C:2F:98 FF:FF:FF:FF:FF:FF 10.3.50.51: who has 10.3.50.21?
wlan1 10.369 50 ← CC:3A:61:8C:2F:98 FF:FF:FF:FF:FF:FF 10.3.50.51: who has 10.3.50.21?
wlan1 11.37 52 ← CC:3A:61:8C:2F:98 FF:FF:FF:FF:FF:FF 10.3.50.51: who has 10.3.50.21?
wlan1 12.391 53 ← CC:3A:61:8C:2F:98 FF:FF:FF:FF:FF:FF 10.3.50.51: who has 10.3.50.21?
…
In case of a Ping from WiFi laptop to wired PC I see:
wlan1 37.837 14 ← 00:16:EA:65:2B:72 FF:FF:FF:FF:FF:FF 10.3.50.54: who has 10.3.50.5?
wlan1 37.837 15 → E0:CB:4E:F7:0D:29 00:16:EA:65:2B:72 10.3.50.5: at E0:CB:4E:F7:0D:29
wlan1 37.839 16 ← 00:16:EA:65:2B:72 E0:CB:4E:F7:0D:29 10.3.50.54
wlan1 37.84 17 → E0:CB:4E:F7:0D:29 FF:FF:FF:FF:FF:FF 10.3.50.5: who has 10.3.50.54?
wlan1 37.841 18 ← 00:16:EA:65:2B:72 E0:CB:4E:F7:0D:29 10.3.50.54: at 00:16:EA:65:2B:72
And I like this!
But very surprisngly, pinging the WiFi laptop from android (working!) I see only:
wlan1 2.07 1 ← CC:3A:61:8C:2F:98 FF:FF:FF:FF:FF:FF 10.3.50.51: who has 10.3.50.54?
No reply, no ping packts, nothing else!
At this point I suppose I have a terrible misunderstanding of Wifi, while it looks that, once two devices “know” themselves, they talk “directly” and not through the A.P. … can you confirm?
In other words, while two WiFi devices are happily pinging themselves every second, I see absolutely noting on MikroTik sniffer!!!
In the wireless interface there is an option called “Default Forward”.
When this is NOT enabled, wifi devices cannot communicate with each other.
Is it checked?
Yes, it is and it was. Actually I can ping a WiFi Laptop from the Android Phone and vice-versa.
From the wifi laptop, ping something that doesn’t reply.
“Something” is only the ESP, all the other devices are successful.
Then check your arp tables. On windows type this command: arp -a
Same on Linux.
Does it list the correct mac for that IP? Or not listed at all?
From the WiFi laptop (linux), I see:
10.3.50.21 at on wlp3s0 (this means the ARP failed)
From the LAN PC I see (windows):
10.3.50.21 5c-cf-7f-03-8b-fb dynamic
I made a further test: I connected the WiFi laptop to an other Access Point that is cable connected to the MicroTik and, in this case, the ping is successful. On the same A.P. should I set a static ARP in the laptop it fails anyway. This validates my ignorance in WiFi: it again looks the devices bypass the A.P. once connected… I am very confused!