Can't ping/access TL-WDR4300 from other subnet?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Can't ping/access TL-WDR4300 from other subnet?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Can't ping/access TL-WDR4300 from other subnet?
Can't ping/access TL-WDR4300 from other subnet?
2015-03-12 15:24:08
Region : Denmark

Model : TL-WDR4300

Hardware Version : V1

Firmware Version : 3.14.1 Build 141113 Rel.41164n

ISP :


Hello.

We got a problem with our newly bought TP-Link TL-WDR4300, we got two subnets: 10.79.73.x and 10.79.140.x , the router is located on 140 subnet, and it is acting as a AP (No DHCP, Static IP and ethernetcable in LAN port), the WIfi and internet is working as it should, BUT you cant ping or access the router/AP from 10.79.73.x net, we got a lot of other AP's, printers and such and we got no problem pinging/accessing them from the other subnet, why is that?

We have the latest firmware, and we've tried disabling the firewall in the router.
  0      
  0      
#1
Options
2 Reply
Re:Can't ping/access TL-WDR4300 from other subnet?
2015-03-13 17:47:25
I know this issue indeed...But I am not so familiar with TL-WDR4300.

Since you are using two subnet, I think you have a basic knowledge of routing, right?

1. As you can check, the TL-WDR4300's LAN interface has no gateway field. When you are using it as an AP, only the LAN port is functioning but it has no default gateway, which is why it won't response when you are accessing it from another IP segment (subnet).

This is factor #1. To overcome this factor, you can navigate to Advanced routing --> create a static route for your desired subnet. For example, destination 10.79.73.0/mask 255.255.255.0, and the gateway should be your upper router which is connection directly to the TL-WDR4300.

2. Then you must also navigate to Security menu to enable remote management for all segment or only for your described 10.79.73.0. If you don't enable remote management, the router still won't access any requests from remote IP segment.

3. The above two steps are necessary, but I am afraid (I am not sure) it is not sufficient. As I know most TP-LINK routers has updated with CSRF protection which will check the referer field in HTTP requests. As a result, only hosts with the same LAN subnet can access from LAN port, while remote hosts can only access from WAN port. If a remote host attempt to access the router from LAN port, the router will refuse by saying "You have no authority to access". -- If you do see this warning after finishing step1 and step2, the only way left is to downgrade the firmware to TL-WDR4300_V1_130319. If not, then congratulations! It works
  0  
  0  
#2
Options
Re:Can't ping/access TL-WDR4300 from other subnet?
2015-03-16 17:42:13

coca koala wrote

I know this issue indeed...But I am not so familiar with TL-WDR4300.

Since you are using two subnet, I think you have a basic knowledge of routing, right?

1. As you can check, the TL-WDR4300's LAN interface has no gateway field. When you are using it as an AP, only the LAN port is functioning but it has no default gateway, which is why it won't response when you are accessing it from another IP segment (subnet).

This is factor #1. To overcome this factor, you can navigate to Advanced routing --> create a static route for your desired subnet. For example, destination 10.79.73.0/mask 255.255.255.0, and the gateway should be your upper router which is connection directly to the TL-WDR4300.

2. Then you must also navigate to Security menu to enable remote management for all segment or only for your described 10.79.73.0. If you don't enable remote management, the router still won't access any requests from remote IP segment.

3. The above two steps are necessary, but I am afraid (I am not sure) it is not sufficient. As I know most TP-LINK routers has updated with CSRF protection which will check the referer field in HTTP requests. As a result, only hosts with the same LAN subnet can access from LAN port, while remote hosts can only access from WAN port. If a remote host attempt to access the router from LAN port, the router will refuse by saying "You have no authority to access". -- If you do see this warning after finishing step1 and step2, the only way left is to downgrade the firmware to TL-WDR4300_V1_130319. If not, then congratulations! It works


Hello.
Thanks for your reply.

I did fix it with the static route, I already tried this, but I miss typed the default gateway, because I thought it was the default gateway for 10.79.73.x subnet.

Very easy. :)
  0  
  0  
#3
Options