Problem: Unable to connect to a host on the wireless network that is on the same subnet but a different segment (e.g. switchport or access point).
If the host on the wireless segment originates the ping, the ping will be successful.
But if another host on the different segment originates the ping, the ping will most likely fail. In my environment, sometimes it worked and sometimes it didn’t.
#########
Windows Ping results –
C:\Users\network-haven>ping 10.0.0.1
Pinging wireless-user [10.0.0.1] with 32 bytes of data:
Reply from 10.0.0.2: Destination host unreachable.
Reply from 10.0.0.2: Destination host unreachable.
Reply from 10.0.0.2: Destination host unreachable.
Reply from 10.0.0.2: Destination host unreachable.
Ping statistics for 10.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
#########
Depending on the order of operations, the hosts will not show ARP entries for each other's IP addresses. If you ping from the wireless host first, the entries will most likely show up.
This is partly due to bridging being enabled. Essentially, bridge groups will restrict broadcasts and multicasts, and ARP relies on broadcasts. It appears that the access point shouldn’t allow broadcasts through at all.
Sources: Bridge Group Configuration
Yet, everything points to the contrary on the network. It looks like you should be able to reach the host on the wireless segment. The switches show the proper layer 2 addresses. The access point doesn’t show the hosts dropping off. You can ping and connect to the host from a different subnet (e.g. 10.0.1.1 /24).
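The ping output above reports 0% loss even though no echo reply ever came back, because Windows counts the "Destination host unreachable" lines as received. The following Python sketch is an added example, not part of the original post: it parses that output and flags the ARP-failure pattern. The function name `analyze_ping` and its verdict labels are hypothetical, and it assumes 10.0.0.2 is the address of the host that ran the ping.

```python
import re

# Constructed sample: the Windows ping output quoted on this page.
SAMPLE = """\
Pinging wireless-user [10.0.0.1] with 32 bytes of data:
Reply from 10.0.0.2: Destination host unreachable.
Reply from 10.0.0.2: Destination host unreachable.
Reply from 10.0.0.2: Destination host unreachable.
Reply from 10.0.0.2: Destination host unreachable.
Ping statistics for 10.0.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
"""

IP = r"\d+(?:\.\d+){3}"
TARGET_RE = re.compile(rf"^Pinging (?:\S+ \[)?({IP})\]? with", re.M)
REPLY_RE = re.compile(rf"^Reply from ({IP}): (.*)$", re.M)
STATS_RE = re.compile(r"Sent = (\d+), Received = (\d+), Lost = (\d+)")


def analyze_ping(text, local_ip):
    """Classify Windows ping output; local_ip is the pinging host's own address."""
    target = TARGET_RE.search(text).group(1)
    sent, received, _lost = map(int, STATS_RE.search(text).groups())
    echo = 0
    unreachable_from = set()
    for src, detail in REPLY_RE.findall(text):
        if "unreachable" in detail.lower():
            unreachable_from.add(src)      # ICMP error, not an echo reply
        elif src == target and "bytes=" in detail:
            echo += 1                      # genuine echo reply from the target
    if sent and echo == sent:
        verdict = "ok"
    elif unreachable_from == {local_ip}:
        # The local stack answered itself: it never resolved the target's MAC.
        verdict = "arp-failure"
    elif unreachable_from:
        verdict = "unreachable-reported-by-other-hop"
    else:
        verdict = "partial-or-timeout"
    return {"target": target, "sent": sent, "reported_received": received,
            "echo_replies": echo, "verdict": verdict}


if __name__ == "__main__":
    # Assumption: 10.0.0.2 is the address of the host that ran the ping.
    print(analyze_ping(SAMPLE, local_ip="10.0.0.2"))
```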
Solution: Enable ARP caching. The access point will reply to ARP requests on behalf of the host.
#########
Command: AP(config)#dot11 arp-cache optional
#########
Source: Configure ARP Caching
NOTE: I am running Version 12.4(25d)JA
CAUTION: DO NOT ENABLE THIS ON BRIDGED ACCESS POINTS; ARP REQUESTS WILL FAIL.