7

I'm using an Actiontec M1424WR wireless router/modem combo that came with Verizon FIOS.

A point of clarification, I am using LAN to refer to devices connected via ethernet cable and WLAN to devices connected to the wireless access point. All devices are on a single subnet (192.168.1.0/24) and IPs are assigned via DHCP (some static). Laptops are assigned an IP per active connection.

SSH behaves differently depending on circumstances:

  • LAN -> LAN: works
  • WLAN -> LAN: works
  • LAN -> WLAN: works
  • WLAN -> WLAN: fails

This occurs across multiple devices so I think it's a router issue. All devices can ssh localhost just fine. I've gone through all the router settings, but I can't seem to find anything that might be applicable. I was wondering if anybody else had any suggestions?

Destination Laptop: LAN up, WLAN up

  • LAN -> LAN, ping works
  • LAN -> LAN, ssh works
  • WLAN -> LAN, ping works
  • WLAN -> LAN, ssh works
  • LAN -> WLAN, ping works
  • LAN -> WLAN, ssh works
  • WLAN -> WLAN, ping works
  • WLAN -> WLAN, ssh works

Destination Laptop: LAN down, WLAN up

  • LAN -> LAN, ping fails: Destination Host Unreachable
  • LAN -> LAN, ssh fails: No route to host

  • WLAN -> LAN, ping fails: switches IPs

    64 bytes from 192.168.1.8: icmp_seq=392 ttl=64 time=1.51 ms
64 bytes from 192.168.1.8: icmp_seq=393 ttl=64 time=1.45 ms
From 192.168.1.13 icmp_seq=430 Destination Host Unreachable
From 192.168.1.13 icmp_seq=431 Destination Host Unreachable

  • WLAN -> LAN, ssh fails: No route to host

  • LAN -> WLAN, ping works
  • LAN -> WLAN, ssh works
  • WLAN -> WLAN, ping hangs, no error message or quit.
  • WLAN -> WLAN, ssh fails: Connection timed out

I've uploaded my router's settings in these two albums:

Improve this question
17
  • "The same machines WLAN IP" - are you saying that you have machines with both a LAN IP and another WLAN IP? If so, can you edit and explain a bit more about the setup?
    – Paul
    Commented Dec 21, 2012 at 22:44
  • Which operating system are you running? can you tellnet it on port 22? What is the ListenAddress in your sshd_config? Can you ping it? There're many aspects you must investigate.
    – user181993
    Commented Dec 22, 2012 at 0:39
  • I can't believe you haven't included the error message you are getting
    – barlop
    Commented Dec 22, 2012 at 0:41
  • @user181993: Everything is a mix of ArchLinux or Ubuntu or Debian. Every machine can ssh into localhost, and when connected via an ethernet cable I can ssh in from another machine.
    – wting
    Commented Dec 22, 2012 at 12:06
  • 1
    @WilliamTing The specific words of the error message are obviously relevant. Not for its meaning, but because there would be specific things that trigger the specific error message. BTW, it could be a firewall, so if you are brave/risky, you could turn the FW off and see if you still get the error.
    – barlop
    Commented Dec 22, 2012 at 15:46

5 Answers 5

Reset to default
4

Posting this as an answer as there's been no reply to my last comment, and it may help the OP or others in future...

There is a firmware issue - I'm not sure how widespread - that can cause some functionality to fail on this model of router after a certain date, referenced in this forum post.

The method to fix it as described in the post is to:

  • disconnect the WAN from the router (ensuring you have all the settings you require noted down first)
  • perform a hard reset
  • disable the automatic updating of the date and time, and leave it at default (in the case of the original post, this was in 2007)
  • reconnect the WAN

Simply adjusting the time/date may work, but not having access to this piece of kit I have no idea.

Improve this answer
1
  • ding ding ding We have a winner!
    – wting
    Commented Jan 5, 2013 at 22:13
2
+50

It sounds like there is Wireless Isolation enabled on the router somewhere by default. This prevents wireless clients from communicating with one another and only allows them to communicate with the base station. I have seen some posts online regarding this being a feature in the interface that can be turned off. It is possible that you may need to update the device firmware with a newer version to enable this. It may also be located somewhere in the Advanced panel you showed in the screen shots (Configuration File, System Settings, Port Configuration all seem likely candidates, Network Objects and Routing seem next likely candidates).

Improve this answer
7
  • I've uploaded more screenshots here: imgur.com/a/pk6mx
    – wting
    Commented Dec 28, 2012 at 19:39
  • You might check the firewall settings then? I don't see anything helpful in those screen shots (and I don't have an FiOS router to poke around at). :/
    – Justin Pearce
    Commented Dec 28, 2012 at 19:47
  • Firewall only has 3 settings: high, medium, off. I turned it off and it didn't help.
    – wting
    Commented Dec 28, 2012 at 19:52
  • you may need to see if there is a firmware update for the FiOS device. Barring that adding an option for Wireless Isolation, I'm not sure what you can do.
    – Justin Pearce
    Commented Dec 28, 2012 at 19:54
  • This shows you how to set up your router including disabling wireless isolation: data.agaric.com/how-setup-linksys-router-verizon-fios
    – Everett
    Commented Jan 3, 2013 at 11:23
2

Under your wireless security settings for WPA2, where you set the pre-shared key, there is a setting titled: "Encryption Algorithm". Is this set to TKIP or TKIP+AES ?, if so set it to AES, this will possibly resolve your issue. If this does not work, check if the issue persists after setting your wireless security to WEP with "Open System Authentication".

You will see more details regarding what I have described above in the manual for your wireless router, near the bottom of page 37 at the links shown below:

http://www22.verizon.com/cs/groups/public/documents/adacct/vz_bhr3_rev_g_user_manual.pdf

Improve this answer
2
  • I switched from TKIP+AES -> AES and restarted the router, didn't help. :(
    – wting
    Commented Jan 5, 2013 at 21:32
  • Worked for me on non-branded plain Actiontec wifi router with updated firmware. Why in the world does it have to be set to AES?
    – NoBugs
    Commented Oct 10, 2015 at 4:57
0

It's not wireless security settings fault, but NAT or your IP configuration.

  1. Check whether subnet mask is everywhere (in computers with "ifconfig" and in router it will depend... if you're using DHCP - only router settings will matter, but don't forget that it will only take effect after your computer's IP will expire, so try resetting the router to fasten this process) set to 255.255.255.0 (or /24 in CIDR notation) for all devices, when they are connected to the router.
  2. Ping doesn't go to another computer, but it obviously goes to the router. So, the problem is obviously in the router. If the above doesn't help, you have to disable wireless seperation and use something like a "bridge" mode. Another option is keep all settings as it is, but change WiFi addresses to another subnet like 192.168.5.0. But then you will have to use a subnet 255.255.0.0 for WiFi and for ethernet configurations in your router and in your computers (if you use static IP configuration).
  3. Disable "Advanced filtering" rules.
  4. Disable firewall (temporary).
  5. Does the internet work with only WiFi enabled devices?

Don't forget to save and reboot your router every time you make a change.

Improve this answer
0

I have the same router and I don't believe there is a wireless isolation mode.

Dumb question: are you sure that one of the laptops isn't connecting to the neighbor's wireless? Sorry, had to ask.service iptables

How is iptables setup on your machine? Do you have a default allow policy? iptables --list If they don't all say allow, try turning it off and see if that works. iptables -F It could be set as allow new connections to eth0 but not wlan0.

Are both laptops set to get the exact same static ip for wlan0? Sorry I had to ask. If so set them as DCHP. Do you have some sort of MAC cloning going on where both laptop's wlan0 MAC addresses are the same? That would screw it up or at least confuse dhcp, check with ifconfig.

Make sure you can get out to the internet on both when both are on wlan0!

Turn off unnecessary programs using the internet where possible. Open a terminal on both --- as root, tcpdump wlan0 -- too much garbage? add a | grep -v garbage for packetspam.

Try the pings see what you get. The ping could actually be recieved on the other end but not returned.

Do you have some kind of weird static route set? route should have your local network 192.168. going through wlan0.

To eliminate local machine configuration as a cause, boot an Ubuntu live cd on both. Make sure you can get to the internet on wlan. Check the ip addresses and ping each other.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .