WiFi: Not able to get to the internet

Hi There,

I have a UniFi AP which has its controller on a Windows machine.
The DHCP pool is configured on my VyOS router.
The AP is up. The wireless network is able to fetch the IP address from the DHCP server on VyOS, but the issue is that it can't get to the internet.
It says that the ‘Internet may not be available’.
Please suggest.

I can ping gateway, controller and the device IP from vyos.

You need to provide the VyOS configuration so we can check it.
The most common cause would be a DNS issue or NAT.

Does the DHCP provide a valid DNS server entry and did you configure NAT for the traffic from the WiFi clients to the Internet?

Hi,

Yes I configured NAT as well. Provided DNS as well.

set service dhcp-server shared-network-name Wi-Fi authoritative 'enable'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 default-router '192.168.250.1'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 dns-server '192.168.250.1'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 dns-server '8.8.8.8'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 dns-server '8.8.4.4'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 lease '86400'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 start 192.168.250.2 stop '192.168.250.254'

set service dns forwarding cache-size '0'
set service dns forwarding domain xxxxxxx.com server '192.168.0.1'
set service dns forwarding listen-on 'eth7'

set service dns forwarding name-server '8.8.8.8'
set service dns forwarding name-server '192.168.0.1'

set zone-policy zone WLAN default-action 'drop'
set zone-policy zone WLAN from LOCAL firewall name 'ALLOW-ALL'
set zone-policy zone WLAN interface 'eth7'

set interfaces ethernet eth7 address '192.168.250.1/24'
set interfaces ethernet eth7 description 'Wifi Network'

set nat source rule 10 destination port '53'
set nat source rule 10 outbound-interface 'eth1'
set nat source rule 10 protocol 'tcp_udp'
set nat source rule 10 source address '192.168.250.0/24'
set nat source rule 10 translation address 'masquerade'

The eth1 interface is connected to the Internet (ISP).

Please change the SNAT to

set nat source rule 10 source address 192.168.250.0/24
set nat source rule 10 outbound-interface eth0
set nat source rule 10 translation address masquerade

then set a default static route

set protocols static route 0.0.0.0/0 next-hop 192.168.0.1

@echowings
Thanks for your reply,

But I configured NAT initially like this only along with static route.
Still I don’t get to the internet.

Please suggest.

Maybe you need to read the VyOS wiki and build a lab to test the basic NAT and static routing functions.

Hi,

I have another AP (different subnet).
That is working absolutely fine without any issues.

I have issues with this subnet only.

How about showing all of the configuration from your config file with the private information stripped out:

show configuration | strip-private

Hi,

Sorry, I can't share the 'show config' output. We are not allowed. strip-private does not hide all the info.

Can you suggest something else? This to me seems to be a DNS issue.
The packet comes to the router interface "eth7" and then drops.
It does not resolve the DNS.

Anything for DNS.

Hi, rituka
Can you draw the topology of your WiFi network?

Yours Sincerely!
Steve Dong

Sure:

AP — Controller(windows machine) — Router ------Internet

I have a simple topology.

I'm not sure this is right.
Why is the controller set before the AP? I think they need to be at the same level, right?

                          +-----------+
AP -----------------------|           |          +------+
AP -----------------------|    SW     |----------| vyos |---- Internet
UBNT Controller-----------|           |          +------+
                          +-----------+

Hi,

They are at the same level only.

Yes I do have a switch as well in between. I forgot to mention.

Hi All,

Any leads on this please.

Hi @rituka ,

Only DNS does not work and plain IP works? E.g. ping 8.8.8.8 or something?

In your NAT config only DNS would be masqueraded. What function are you trying to achieve with this, when your default gateway is also the name-server?

What is the difference between the subnet which works and the subnet with these errors?

Your source NAT rule only masquerades udp/tcp 53.
Delete the two lines

source rule 10 destination port '53'
source rule 10 protocol 'tcp_udp'
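
Added example (not part of the thread and not VyOS code): a simplified Python model of how the two versions of source NAT rule 10 posted in this thread match traffic, showing which client flows are masqueraded. The client address 192.168.250.50, the flow list and the helper names are constructed for illustration, and port matching is reduced to a single port number.

```python
import ipaddress
import shlex

# Rule text copied from the thread: the first rule 10 and the later, unrestricted one.
RULE_DNS_ONLY = """\
set nat source rule 10 destination port '53'
set nat source rule 10 outbound-interface 'eth1'
set nat source rule 10 protocol 'tcp_udp'
set nat source rule 10 source address '192.168.250.0/24'
set nat source rule 10 translation address 'masquerade'
"""
RULE_ANY = """\
set nat source rule 10 outbound-interface 'eth1'
set nat source rule 10 source address '192.168.250.0/24'
set nat source rule 10 translation address 'masquerade'
"""
FLOWS = {  # constructed client traffic: (source IP, protocol, destination port)
    "dns": ("192.168.250.50", "udp", 53),
    "ping": ("192.168.250.50", "icmp", None),
    "https": ("192.168.250.50", "tcp", 443),
}

def parse_snat(config):
    """Collect 'set nat source rule N <path> <value>' lines into {N: {path: value}}."""
    rules = {}
    for line in config.splitlines():
        tok = shlex.split(line)  # also strips the quotes around values
        if len(tok) >= 7 and tok[:4] == ["set", "nat", "source", "rule"]:
            rules.setdefault(int(tok[4]), {})[" ".join(tok[5:-1])] = tok[-1]
    return rules

def is_translated(rule, src, proto, dport, out_if):
    """True only if the packet satisfies every match criterion the rule sets."""
    if rule.get("outbound-interface") not in (None, out_if):
        return False
    net = rule.get("source address")
    if net and ipaddress.ip_address(src) not in ipaddress.ip_network(net):
        return False
    want = rule.get("protocol", "all")
    if want != "all" and proto not in (("tcp", "udp") if want == "tcp_udp" else (want,)):
        return False
    port = rule.get("destination port")
    return not port or (dport is not None and str(dport) == port)

def coverage(config, out_if="eth1"):
    """Map each sample flow to whether rule 10 would masquerade it when leaving out_if."""
    rule = parse_snat(config)[10]
    return {name: is_translated(rule, *flow, out_if) for name, flow in FLOWS.items()}

if __name__ == "__main__":
    print("DNS-only rule:", coverage(RULE_DNS_ONLY))
    print("Unrestricted rule:", coverage(RULE_ANY))
```

Passing `out_if="eth0"` to `coverage` shows the other failure mode discussed above: a rule bound to one outbound interface translates nothing that leaves through a different one.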

@manyax thanks for your reply, but that does not work either.
The DHCP pool leases IP addresses but I cannot get out to the internet.
The packet drops at the DHCP gateway (192.168.250.1).

Hi @rob, I just want the WiFi subnet to reach the internet.
I have an AP with subnet 192.168.250.0/24 and DHCP is configured in VyOS.
Clients on this AP are getting IP addresses, but are unable to get to the internet.
The purpose of the above NAT was just that I was trying to check if taking the DNS port into consideration resolves the issue, but that does not help.
The requirement is simple, that is, to get to the internet.

Hi,

It is hard to help if you are not allowed to provide the full config.

In troubleshooting I would do the following:

  • ping from a WiFi client to the internet (is ICMP allowed?)
  • monitor the traffic on VyOS troubleshooting
  • look at NAT (show nat source translations address WIFIClientIP)
  • look in the firewall logs ("show firewall …" or "sudo journalctl | grep WIFIClientIP")

Maybe this helps.

Hi,

Here is the config of WiFi:

set service dhcp-server shared-network-name Wi-Fi authoritative 'enable'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 default-router '192.168.250.1'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 dns-server '192.168.250.1'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 dns-server '8.8.8.8'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 dns-server '8.8.4.4'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 lease '86400'
set service dhcp-server shared-network-name Wi-Fi subnet 192.168.250.0/24 start 192.168.250.2 stop '192.168.250.254'

set service dns forwarding cache-size '0'
set service dns forwarding domain xxxxxxx.com server '192.168.0.1'
set service dns forwarding listen-on 'eth7'

set service dns forwarding name-server '8.8.8.8'
set service dns forwarding name-server '192.168.0.1'

set zone-policy zone WLAN default-action 'drop'
set zone-policy zone WLAN from LOCAL firewall name 'ALLOW-ALL'
set zone-policy zone WLAN interface 'eth7'

set interfaces ethernet eth7 address '192.168.250.1/24'
set interfaces ethernet eth7 description 'Wifi Network'

set nat source rule 10 outbound-interface 'eth1'
set nat source rule 10 source address '192.168.250.0/24'
set nat source rule 10 translation address 'masquerade'