Can't access to nas drive

I have AP connect direct to firewall POE port with ip address ring 10.20.1.1
and have local network ring 10.0.1.1
any client connect to AP can't connect to NAS drive
I have create tow rules
1.from any to poe
2.from poe to any
I can ping any client connect to AP and I can ping the AP(10.20.1.1)
but I can't ping from AP to local network(10.0.1.1)

Comments

  • Check the default gateway and subnet mask on the NAS
  • NAS gw is the trusted Interface IP address with same subnet

  • and the NAS subnet mask is /24 ?

    Turn on Logging on the 2 POE policies.
    This will show entries in Traffic Monitor for packets allowed by the policies, which can help understand where the problem lies.

  • Assuming that you are using a WatchGuard AP the Gateway Wireless Controller, have you checked that the "Enable client isolation" is not checked in the SSID Settings? This will prevent clients on the AP from reaching your NAS.

    Adrian from Australia

  • edited September 2020

    I think that the isolation should only be for the devices connected to the AP - presumably for the 10.20.1.x subnet. At least that has been my experience with WG APs and this setting in GWC.

    OK WCS - what brand/model is the AP?
    And, is the NAS on the 10.20.1.0/24 subnet ?

    Re: I can't ping from AP to local network (10.0.1.1) - a firewall interface alias is called Firebox. Do you have a specific policy which allows an AP connected device to ping 10.0.1.1 or Firebox alias?

  • Hi xxup no I use WatchGuard Wi-fi cloud

  • Hi Bruce,
    I have AP420 with firebox T70 yes NAS on the same subnet
    no I don't have specific policy for ping 10.0.1.1

  • Turn on Logging on your policy which allows packets from the AP subnet to the NAS.
    Let us know what you see.

Sign In to comment.