2013-02-11 - Re: [GRASE-Hotspot] Problems accessing devices on LAN network

Header Data

From: Timothy White <ti***8@gmail.com>
Message Hash: 2cbf82bcc5c95199daa5a67f4a322998bb176d6b66d58ad9757d32a5d9067e8b
Message ID: <CAESLx0L=vDnFiRg0gysXNdJd7dSJRVfxa4T7zPWJ7YgDorij3g@mail.gmail.com>
Reply To: <1506a50e.00001688.00000010@PC-Hector>
UTC Datetime: 2013-02-11 03:16:17 UTC
Raw Date: Mon, 11 Feb 2013 20:16:17 +1000

Raw message 

On 11/02/2013 8:03 PM, "Hector Blanco de Frutos" <he***r@etelecom.es> wrote:
>
> Hello.
>
> We have installed the Grase Hotspot in a hotel, and we have discovered
that we have problems trying to Access the APs (Access Point’s) located on
the LAN network (10.59.*.*) from the hotspot computer. We can’t access
their web panel, and not even ping them.
>
> On the other hand, if we do it from a computer located inside the LAN
network, like a netbook or a smartphone, the AP’s respond and are
accessible. I really don’t know if this is a normal behavior, and thus if I
have to enable some option or do something to view the Aps from the hotspot
device. For us this is very important, as we need to remotely monitor those
network equipment.
>
>

Hi Hector.

Are you saying the Hotspot LAN is 10.59.0.0 or that the AP's are on that
LAN and the Hotspot LAN is the default 10.1.0.0?

If the Hotspot LAN and the AP's LAN is different, then you obviously can't
access the AP LAN from the Hotspot LAN due to them being in different
subnets. (And assuming you set the client computer on the LAN side to the
right subnet, it'll be able to access the AP's)

You /should/ be able to access the AP's from the Hotspot server, IF they
are in the Hotspot LAN. However the risk with that is that the AP's ip's
may conflict with a client ip unless they are outside the DHCP range.
However, this isn't the ideal way to set it up, as you ideally want your
management network separate from your client network for security purposes.
The easy way to do this is with VLAN's. Use the untagged interface (i.e.
eth1) for the Hotspot, but use a VLAN (say eth1.10) for the AP's management
IP's. Seeing as the Grase network is a layer 2 network, the AP's shouldn't
be touching the traffic anyway and should be routing it as Layer 2, so the
AP's ips don't need to be in the Grase LAN.

I hope that makes some sense.

Tim

Thread