Reset Search
 

 

Article

Wireless clients cannot get out to the Internet, but are able to access local resources

« Go Back

Information

 
TitleWireless clients cannot get out to the Internet, but are able to access local resources
Symptoms
Wireless clients pulling DHCP IP addresses with all the correct information are able to access all corporate resources, but cannot get out to the Internet. Pings from wireless clients and the AP to corporate resources is successful, but to the default gateway fail. The same clients are able to get out to the Internet when connected to the wired network (LAN).
Environment
  • AP71XX
  • AP75XX
  • AP65XX
  • RFS4000/6000/7000
  • NX55XX/75XX/9X00
  • WiNG 5.X
Cause
The best practices firewall policy has not been implemented. 
Resolution
Export the startup-config from the controller, Virtual controller or AP to an FTP or TFTP server. Open the text file and replace the firewall policy default settings with the following:
 
!
firewall-policy default
no ip dos smurf
no ip dos twinge
no ip dos invalid-protocol
no ip dos router-advt
no ip dos router-solicit
no ip dos option-route
no ip dos ascend
no ip dos chargen
no ip dos fraggle
no ip dos snork
no ip dos ftp-bounce
no ip dos tcp-intercept
no ip dos broadcast-multicast-icmp
no ip dos land
no ip dos tcp-xmas-scan
no ip dos tcp-null-scan
no ip dos winnuke
no ip dos tcp-fin-scan
no ip dos udp-short-hdr
no ip dos tcp-post-syn
no ip dos tcphdrfrag
no ip dos ip-ttl-zero
no ip dos ipspoof
no ip dos tcp-bad-sequence
no ip dos tcp-sequence-past-window
no ip-mac conflict
no ip-mac routing conflict
dhcp-offer-convert
no stateful-packet-inspection-l2
!

Save and import back into the controller or AP. 
Additional notes
  1. If you've created your own firewall policy, make sure to change the default name in the above code to reflect the one you use. 
  2. This only needs to be done on the controller or virtual controller should they be used for AP adoption and management, but should be implemented on all non-adopted APs.
  3. This policy should also be used when experiencing wireless client random connection drops and roaming issues. 
  4. If above does not resolve the issue please contact support for further assistance.

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255