0

I have a Vodafone cable router as wan router in bridge mode, a TP-LINK wifi router with the subnet 192.168.10.0/24 and the /1 address as the gateway. While the desktop has an iptables firewall up with the rule set bellow the Ubuntu Server 24 is a fresh install with ufw uninstalled and the iptables with all 3 chains on accept (INPUT/FORW/OUTPUT).

The ip tables rules are on the desktop:

# Generated by iptables-save v1.8.10 (nf_tables) on Sun Dec 1 21:17:37 2024 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -s 192.168.10.0/24 -p icmp -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 50/sec -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j LOG --log-prefix "SSH Connection: " -A INPUT -i docker0 -p tcp -m tcp -j LOG --log-prefix "Docker Connection: " -A INPUT -p tcp -m tcp --dport 3478 -j LOG --log-prefix "Google Remote Desktop TCP in" -A INPUT -p udp -m udp --dport 3478 -j LOG --log-prefix "Google Remote Desktop UDP in" -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT -A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT -A INPUT -p tcp -m tcp --dport 6690 -m comment --comment "SYNO driver client" -j ACCEPT -A INPUT -i docker0 -p tcp -m tcp -j ACCEPT -A INPUT -j DROP COMMIT # Completed on Sun Dec 1 21:17:37 2024

The ip a command gives the following settings for the interfaces:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 54:e1:ad:c5:b2:1d brd ff:ff:ff:ff:ff:ff 3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:e1:8c:9e:93:e6 brd ff:ff:ff:ff:ff:ff inet 192.168.10.155/24 brd 192.168.10.255 scope global dynamic noprefixroute wlp3s0 valid_lft 6073sec preferred_lft 6073sec inet6 fe80::ab6d:c767:7c9c:f5c7/64 scope link noprefixroute valid_lft forever preferred_lft forever 4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:81:93:e3:b0 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever

The Server is on the same wifi network.

As i try to ping the server and the desktop from eachother it gives host unreachable. The arp table contains incomplete and contains no mac address.

I am clueless and desperate, can't find any solution. Can someone help me solve this? I want to make a homelab for docker and k8 from the server but it won't work and that's rubbish, i cannot solve this since 2 days.

Improve this question
1
  • Have you tried allowing all network through your firewall and seeing if you can ping the computer? Commented Jan 2 at 19:18

1 Answer 1

Reset to default
0

You mention that the Client and Server are are both connected to the same WiFi Network, via a TPLink Router. I would check if "Client Isolation" is Enabled (aka "AP Isolation") on your Router and if so, Disable it.

If that isn't the Issue, this problem can also occur if "Guest Mode" is Enabled on your Router. Therefore, I would check if this might be the case and if so, Disable it.

You may have to refer to the Documentation for your TPLink Router, for the exact Location of these Settings, etc.

Improve this answer
3
  • Gonna check today and write a reply about it. I might also try wireshark to check on the icmp packets transmission. Many thanks, Matti! Commented Dec 26, 2024 at 8:27
  • you are a genius, it was the client isolation on the tp-link router. (TP-Link Wireless N Router WR840N ) it can be turned off in the main menu's wireless / wireless advanced section. many thanks!!! Commented Dec 26, 2024 at 9:41
  • Technically the solution isn't mine. I'm just a good researcher. I would be sure to upvote the following post, which is where I originally found the solution. :) serverfault.com/a/452058/368364 Commented Dec 26, 2024 at 21:40

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.