Allow traffic from WiFi to internal network


#1

I have a Peplink Balance One with a WiFi network that was placed on VLAN 102. The default gateway for VLAN 102 is the Peplink router.
I have VLANs 100 and 101, whose default gateway is a layer 3 Cisco Catalyst switch. Devices on the Cisco switch can ping the devices on WiFi, but devices on WiFi cannot ping devices on the Cisco Catalyst.
How can I get the WiFi devices to access the internal network?
The Peplink IP for LAN on the untagged VLAN is 172.16.0.1 and the Peplink IP for VLAN 102 is 172.16.102.1.
The Cisco Catalyst IP for VLAN 1 is 172.16.0.2, for VLAN 100 is 172.16.100.1, and for VLAN 101 is 172.16.101.1.
The Peplink has the following routes:
172.16.100.0/24 to router 172.16.0.2
172.16.101.0/24 to router 172.16.0.2


#2

Have you assigned port types to the interface (Access VLAN 100, etc.)? I would think you need a trunk port that contains all the LANs that you want to communicate. Also, make sure that your firewall isn’t blocking it. There is a section for internal rules.

I always put a default logging-enabled rule to show when stuff gets blocked. You can see the logs in the event viewer.


#3

They are all trunk ports.
The default allow all rule is on. How do I turn on logging?


#4

In the firewall section, there are three rule areas: inbound, outbound, and internal. Right before the last rule of each area, add a rule and put a check in the box that says “logging”. You can make the rule be whatever your bottom rule was; that makes it the same as your default rule, with the difference being that you will see all the traffic hitting the default rule (because it is logged).

Be aware that it takes resources to log - you shouldn’t let it spray the logs - just turn it on for troubleshooting. Personally, I try to account for all traffic in rules above the default logging rule, so it is rare that anything hits the logging rule. Hope this leads you down the right path!