Got a call from a client today who was unable to get his laptop to connect to his wireless network.
The client has a standard Linksys WRT54G which is sitting behind a WatchGuard SOHO router. (The WatchGuard predated my involvement with the client, and we determined it was easier to use the WRT54G as an access point rather than ripping out the WatchGuard…)
Upon inspection, the laptop WAS connecting to the wireless network, it just didn’t have internet access. Vista would show it had Internet connectivity, but it would then just go away.
Upgraded the WRT54g’s firmware, same result. Changed from WEP to WPA-2. Same result.
Reviewed the logs on the WatchGuard and saw “User count exceeded. Packet dropped.”
The WatchGuard, unlike most consumer routers, has a user limit to it. It keeps track of 10 IPs and when IP number 11 hits the routing table, it gets whacked with a big ole’ DENY rule.
When I plugged the laptop into the WRT54g via ethernet cable, the IP address was one of the 10 in the routing table and packets were allowed to flow. The IP address assigned to the wireless interface was not in the table and therefore blocked.
We couldn’t figure out why the laptop stopped working. The client mentioned the laptop stopped working when we put a new computer on the floor. We did a quick count of all devices on the network and only came up with 7…
Just as I was leaving, one of the warehouse guys came in holding his iPhone asking “Did something happen to the wireless network?”
Of course, something had — I hadn’t changed the Linksys back to WEP after the WPA-2 experiment, and he lost his connection… and the mystery of the additional devices was solved.
So, the moral is two-fold — look for user licensing restrictions where you least expect them, and someone else’s handheld device from home sitting on your network might have a negative impact on your ability to get work done.