Got a weird one and I just don’t know what else to check.
I have a restaurant client with a Toast POS system and network. Comcast Router > 10.1.10.0/24. Toast installed a Meraki router on the 10x LAN, and the other side of their router is 192.168.192.0/24. Their LAN consists of 3 switches in various locations in the restaurant, and about 5 Unifi Access Points. The switches are all TPLink devices, unmanaged. There is one 8-port Unifi switch to provide PoE to 2 AP’s. I don’t control any of this network.
The 10.1.10.0/24 LAN has everything else on it- basically Sonos devices and a few security cameras. There is also a link to their Control4 automation system.
When I put Wireshark on the 10.1.10.0 LAN, everything looks absolutely normal. When I put Wireshark on the Toast 192.168.192.0 LAN, I see traffic from BOTH LAN’s.
Toast tech support claims this is because there is a network cable connecting the two LAN’s. Fair assumption- I pulled every cable in every switch and it made no difference. We can identify every single cable and they all go to the correct places.
So I unplugged the LAN cable from the Meraki router, leaving only the “Internet” cable. I then plugged my laptop into the Meraki LAN port. Running Wireshark, I STILL see the traffic from 10.1.10.0. My next test, while plugged into the 192x LAN, I unplugged each switch from the 10x LAN and I still saw 10x LAN traffic from the devices still plugged in to other switches. So my thinking is it is something to do with the Meraki. Toast claims this is impossible and they see the traffic on both Meraki ports.
Another test I did… I ran AngryIP Scanner on the 10x LAN searching for both 10x and 192x addresses… I can see addresses only from the 10x devices. If I run AngryIP on the 192 LAN, I can find both 192x and 10x addresses.
Any thoughts from the Meraki experts??? Anyone else see something like this? Could a bridge be created by a Toast Access Point that is physically wired to the 10x LAN and meshing back to the 192x LAN? I can’t find such an AP, but ya never know. (All the Unifi 10x devices that we control have mesh turned off).