ePMP1000 SM can't ping Facebook but can ping other stuff
With 30 users on a ePmP 1000 AP, we have ONE SM that can ping everything BUT NOT facebook.com. It can ping all sorts of other stuff by name and can also ping to the facebook IP address just fine.
ALL the other SMs on that AP can ping FB just fine.
They all use the same DNS.
Why would 1 SM have this problem?
Ideas?
So a few questions here...
- Are you trying to actually ping 'www.facebook.com'?
- Are you pinging from the tools section on the radio, or from a client behind the radio?
- Are you using the radio in routed, NAT, or Bridge mode?
- Have you double checked the DNS servers and the gateway IP on the radio?
- Have you tried using a different DNS server like Google's or Cloudflares 1.1.1.1 / 1.0.0.1 ?
- Are you using 3.5.1 on this SM?
1 Like
Pinging from the radio ping tool
NAT mode
Everything else is pingable. It's just facebook
All the other 39 SMs on this AP and the AP ping facebook just fine
Tried changing DNS for this SM
Yes, 3.5.1
It's one radio out of 40, with all the same settings, that can ping everything BUT facebook.
Can FB block a MAC address?
Can you browse to the facebook page from a client behind the radio?
Does this radio have a public IP address on the WAN side of the NAT? If yes, what happens when you change the IP address of the radio having issues?
I know that some providers, like Google, specifically block or limit the amount of ICMP traffic hitting it to prevent people from using it as a heart beat server and also for DOS reasons.
Nope. No static public assigned. It's set up exactly the same as all the other SMs that work fine. This is the only radio that can't ping FB.
There was a DMZ set up with a public IP sitting on the main radio IP and there was a separate management IP set up. Once I removed the DMZ and management IP it would ping FB. I added the management IP back and it still worked. Then I noticed the user changed his router and it had a different LAN IP, so I put the DMZ back in and change the target IP and now it pings FB fine.
So... it was the device sitting on the DMZ at the wrong local LAN IP that was stopping JUST FB from being pinged.
We spend so much time on these little things!!
3 Likes
That’s a very strange issue, but I’m glad you finally figured it out!