Hi from a long time lurker, first time poster!
I have looked all over but I'm at the end of my rope with this issue:
So I have a Unifi AP-AC Pro with 3 SSIDs set up as "VLAN only" wireless networks in the Unifi Controller: Guest, Office and IoT.
The AP is connected to a Cisco SG300 switch and the network incl. DHCP is handled by pfsense.
All is working great but there’s one weird thing I can not get to work:
On the office net (which cannot get to the WAN) I need to get a bunch of iPads to connect to some other desktop machines on the same (wired) VLAN segment. That works fine generally, but there's one particular app that acts as a remote control for an application on the desktops that just won't be seen. I assume it's to do with broadcast traffic not getting from the AP to the wired network.
I have set that SSID to not block LAN-to-Wi-Fi multicast in Unifi, and I've got Avahi set up in pfsense.
The thing is: as soon as the desktop machine turns on Wi-Fi and connects to the same office Wi-Fi (just for testing; they usually have Wi-Fi turned off for security reasons), the app on the iPad is seen by the desktop and they connect. So I guess this works because the iPad and desktop see each other from being inside the same AP (just a guess). I can then switch off Wi-Fi on the desktop and they will stay connected and function fine unless I send the iPad to sleep, which for me is proof that there's data flowing between them over the wire, but the traffic needed for discovery somehow doesn't get to the desktop. I guess that must be some kind of multicast broadcast saying "hey, I'm here" not getting through.
Am I right in assuming that pfsense is not the issue, as this traffic is direct inside the switch and therefore pfsense doesn't even handle it (apart from handing out IP addresses via DHCP) and can be ruled out as the cause? I've tried wide-open rules on pfsense for every protocol but it doesn't make one bit of difference. So I guess it's either the switch or the AP not forwarding that initial traffic needed to make the contact.
Second question: I don't have a USG or Cloud Key, as so far I didn't see the need for it; there's only one AP and I can run the controller app on my Mac, set up the AP and then let it run in stand-alone mode, which has been working for years. Do I really need a USG to enable mDNS on the AP? And will this fix my problem?
Things that haven’t made any difference in behaviour: IGMP snooping on or off (on switch or AP in all sorts of combinations), multicast is enabled for that wifi network.
I can ping the iPad from the desktop on the wired connection and wifi, no difference there.
I can't for the life of me figure out why this particular app on the iPad cannot connect to the desktops via the wired network.
Is there anything I can look for, once I've connected them via that "trick" of switching the desktop to Wi-Fi as well, to narrow down why it doesn't work over the wire?
Thanks for your help and sorry for possible non-pro words. English is not my native language.
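Added example, not part of the post above: a small mDNS/DNS-SD probe that can be run on the wired desktop to check whether the iPad's service announcements actually reach the wire. It assumes the app discovers peers with DNS-SD over mDNS (multicast 224.0.0.251, UDP 5353), which the post does not confirm; `_services._dns-sd._udp.local` is the standard enumeration name and any specific service name is a placeholder to be swapped for the app's real one. The helper parses responses with DNS name compression, so it works on real answers from Avahi, mDNSResponder and iOS alike.

```python
"""Minimal mDNS (RFC 6762) PTR probe for checking multicast discovery on one VLAN.

Run it on the wired desktop while the iPad is awake: a reply from the iPad's IP
means multicast crosses the AP-to-switch path; no reply while the same query
works from a Wi-Fi client points at the AP or switch, not the app.
"""
import socket
import struct
import time

MDNS_GROUP = "224.0.0.251"
MDNS_PORT = 5353
TYPE_A, TYPE_PTR, TYPE_TXT, TYPE_SRV = 1, 12, 16, 33


def encode_name(name: str) -> bytes:
    """DNS wire format for a dotted name: length-prefixed labels, zero terminator."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("utf-8")
        out += struct.pack("B", len(raw)) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int = TYPE_PTR) -> bytes:
    """One-question mDNS query: id 0, flags 0, qdcount 1, class IN."""
    header = struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(data: bytes, offset: int):
    """Return (name, offset after the name), following RFC 1035 compression pointers."""
    labels, seen, end, jumped = [], set(), None, False
    while True:
        if offset in seen:
            raise ValueError("compression pointer loop")
        seen.add(offset)
        length = data[offset]
        if length & 0xC0 == 0xC0:  # two-byte pointer to an earlier name
            pointer = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2  # the name on the wire ends after the pointer
            jumped, offset = True, pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("utf-8", "replace"))
        offset += length
    return ".".join(labels), (end if jumped else offset)


def parse_records(packet: bytes):
    """Parse every answer/authority/additional record into (name, type, rdata)."""
    qd, an, ns, ar = struct.unpack("!HHHH", packet[4:12])
    offset = 12
    for _ in range(qd):  # skip the question section if the responder echoed it
        _, offset = decode_name(packet, offset)
        offset += 4
    records = []
    for _ in range(an + ns + ar):
        name, offset = decode_name(packet, offset)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", packet[offset:offset + 10])
        offset += 10
        start = offset
        if rtype == TYPE_PTR:
            rdata, _ = decode_name(packet, start)
        elif rtype == TYPE_SRV:
            _prio, _weight, port = struct.unpack("!HHH", packet[start:start + 6])
            target, _ = decode_name(packet, start + 6)
            rdata = (port, target)
        elif rtype == TYPE_A and rdlen == 4:
            rdata = socket.inet_ntoa(packet[start:start + 4])
        else:
            rdata = packet[start:start + rdlen]  # TXT and others left raw
        offset = start + rdlen
        records.append((name, rtype, rdata))
    return records


def probe(service: str = "_services._dns-sd._udp.local", timeout: float = 3.0,
          iface_ip: str = "0.0.0.0"):
    """Send one PTR query to the mDNS group and return {sender_ip: [records]} heard."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    if hasattr(socket, "SO_REUSEPORT"):  # coexist with mDNSResponder / Avahi on 5353
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
    sock.bind(("", MDNS_PORT))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                    socket.inet_aton(MDNS_GROUP) + socket.inet_aton(iface_ip))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)
    sock.settimeout(timeout)
    sock.sendto(build_query(service), (MDNS_GROUP, MDNS_PORT))
    heard, deadline = {}, time.monotonic() + timeout
    while time.monotonic() < deadline:
        try:
            data, (ip, _port) = sock.recvfrom(9000)
        except socket.timeout:
            break
        if not data[2] & 0x80:  # QR bit clear: another client's query, not an answer
            continue
        try:
            heard.setdefault(ip, []).extend(parse_records(data))
        except (ValueError, struct.error, IndexError):
            pass  # malformed packet; keep listening
    sock.close()
    return heard


if __name__ == "__main__":
    import sys
    name = sys.argv[1] if len(sys.argv) > 1 else "_services._dns-sd._udp.local"
    for ip, recs in probe(name).items():
        for rname, rtype, rdata in recs:
            print(f"{ip:15} {rname} type={rtype} {rdata}")
```

Run it once with the desktop on Wi-Fi and once on the wire only; if the iPad's address shows up in the first case and not the second, the multicast path between the AP and the switch port is what to look at, and `tcpdump -ni <interface> udp port 5353` on the desktop will show the same thing at packet level. Binding to 5353 next to the OS resolver needs `SO_REUSEPORT` (macOS and Linux have it) and on some systems root.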