(not) Harry Potter and the black art of TCP/IP.
September 4, 2005 11:08 AM   Subscribe

I have a Wireless Ethernet bridge which I have connected to a PC via an ethernet cross-over cable. This is working fine in terms of allowing access to the wireless network I can browse the net from the PC etc. with no problem. The problem comes when I try to ping this PC behind the wireless bridge from another PC. My other PC's on the network simply refuse to see it - all PC's are connected to the same wireless network and have no problem seeing each other except the PC connected via the wireless ethernet bridge. All PC's are in the same Windows XP workgroup and indeed in the workgroup the bridged PC can be seen in the network neighborhood by all the other PC's with no problems but cannot ping it or access it via TCP/IP etc. All PC's are in the same subnet - mask is 255.255.255.0. All PC's are configured to have the default gateway of the Router - 192.168.0.1. All IP Addresses are static as well. What am I doing wrong here or will the wireless bridge effectively hide the second PC from any other PC's on the network - clearly not an acceptable situation. I'm 99% certain this is not a firewall issue either as the second PC can see other PC's on the network with ease. I'm going slowly mad over this so any help gratefully received. TIA, Matt
posted by empedia to Computers & Internet (12 answers total)
 
This sounds like the wireless bridge is hiding the PC. A lot of networking equipment nowadays acts as a firewall out of the box. PCs inside their networks have no public address. The firewall acts as middle man for all incoming and outgoing packets.

There's a way out, though: port forwarding. You can poke holes in any firewall worth its salt by mapping packets sent to that firewall to a particular machine inside the firewall.
posted by maschnitz at 11:27 AM on September 4, 2005


What model of wireless bridge are you using? The DWL-G810 that I have acts as an unusual sort of NAT box, which means it'll hide anything behind the link itself ... something to do with having two interface addresses, one for the computer and one for the bridge itself.
posted by SpecialK at 11:29 AM on September 4, 2005


Many bridges/routers have a ping filtering capability. This is a feature that prevents your machine from being discovered or ping-flooded from the Internet. Some allow it to be turned off, some I am sure simply leave it on all the time.
posted by kindall at 11:43 AM on September 4, 2005


Response by poster: The bridge is actually a slim devices Squeezebox2 which can also act as a wireless bridge as well. I've posted a similar message on their forums but so far no replies as such - except the CEO doesn't seem to think that is normal behavior.

Basically the bridge does not have any way of configuring itself that I know of- it should just be plug and play so I don't think I could set port forwarding up. Interesting idea though.

I haven't actually checked if the router itself can see the bridged PC - need to try that I think.

Thanks for all your suggestions and keep 'em coming.

Matt
posted by empedia at 11:51 AM on September 4, 2005


The wireless bridge is acting as a NAT router, meaning your PC and the router are on their own separate firewalled-off subnet. Fiddle with the settings and see if you can't turn that off (You need to disable both "NAT" and "DHCP" on the bridge, but without knowing the model it's impossible to say how or if you can do this.
posted by cillit bang at 11:53 AM on September 4, 2005


OK, just seen your update. That doesn't seem to be an obvious fix here.

Does the wi-fi router on your network have a config screen that shows what clients are connected?
posted by cillit bang at 11:56 AM on September 4, 2005


Can you check the IP address on each machine and give us the results of a traceroute call going each way? This should confirm the NAT theory.

It does indeed sound like you're having a NAT problem. You should be able to set up reverse tunnels via an SSH connection if you can see from the one computer to the others. This isn't a perfect solution but will probably work for your needs. Implementation of this is OS-specific but I can give you more info if you're doing this from the command line.
posted by onalark at 12:40 PM on September 4, 2005


Windows XP's firewall blocks ping requests. This means that any XP box with the firewall on will not respond to pings. Thus, check to see if the box is running the XP firewall.
posted by cm at 1:40 PM on September 4, 2005


Um, you don't have to sign the post.


posted by jmgorman at 6:31 PM on September 4, 2005


Response by poster: thanks for your answers

onalark - I tried tracerouting to the bridged PC - it goes nowhere. tracerouting to the bridge gets there in 1 hop.

I would be very interested in the reverse SSH option - if only from intellectual interest as much as a practical solution. I'm doing this exclusively with windows XP by the way.

cm - The XP firewall will block ping requests from outside the local network I believe but inside the network ping seems to work find to all the other PC's.

jmgorman - thanks for letting me know but I kind of like putting my real name to a post unles its deemed bad etiquette on this forum etc. in which case I will of course stop.

anyway thanks for all your help so far

Matthew
posted by empedia at 11:43 PM on September 4, 2005


Try doing a traceroute from the remote PC to anywhere in the outside world. The number of steps before your ISP should show what's going on (1 step = no NAT, 2 steps = NAT).
posted by cillit bang at 7:45 AM on September 5, 2005


Response by poster: Hi - an update. It turned out to be a Windows Firewall problem after all. I wish you could configure windows firewall to accept all traffic on the same internal network/subnet. Sigh...

Anyway thanks for all your help.

Matthew.
posted by empedia at 5:14 AM on September 6, 2005


« Older Can a master's degree be dusted off?   |   I need a License to Drive Newer »
This thread is closed to new comments.