USG60W - Access to LAN from additional WAP
Options
I am new to the USG having converted from a Cisco ASA but have successfully set up the 60W with all working as expected with one exception.
The USG60W is set up as my WAP (originally using EZMODE but subsequently converted to expert mode). There are two additional WAPs (Cisco WAP121) in LAN1 using the same SSID. No VLAN is used.
When devices connect via the USG60W, they can access the WAN and hosts on the LAN (as required). When the same devices connect via either of the other WAPs, they are able to access the WAN but *not* the hosts on the LAN. The WAPs were previously working without issue in tandem with the Cisco ASA.
Any ideas what I am missing or how best to debug.
With thanks
The USG60W is set up as my WAP (originally using EZMODE but subsequently converted to expert mode). There are two additional WAPs (Cisco WAP121) in LAN1 using the same SSID. No VLAN is used.
When devices connect via the USG60W, they can access the WAN and hosts on the LAN (as required). When the same devices connect via either of the other WAPs, they are able to access the WAN but *not* the hosts on the LAN. The WAPs were previously working without issue in tandem with the Cisco ASA.
Any ideas what I am missing or how best to debug.
With thanks
0
Accepted Solution
-
Check your port role that your on the same LAN1
You may need to make a security policy rule for from LAN1 to LAN15
All Replies
-
Hi @Neil_Bain,Here it is the configuration example for your referenceThe router is connected to LAN2 of USG60W and the laptop is connected to LAN1.Topology:
On the router, select the operation mode as “Access Point”.
In this mode, wireless client which is connected to the SSID of the router gets the same IP subnet of LAN2 of USG60W after the router is connected to LAN2 of USG60W.
Check if your AP has operation mode such as AP mode or bridge mode.
Make sure the security policy rules are allowed.
iPhone is connected to the router and gets IP 192.168.20.35.
Ping the laptop 192.168.10.34 successfully.
0 -
Check your port role that your on the same LAN1
You may need to make a security policy rule for from LAN1 to LAN15
Categories
- All Categories
- 390 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 331 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 879 Nebula FAQ
- 414 Security FAQ
- 220 Switch FAQ
- 194 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 61 Security Highlight