Please note that support for Simple Mode may be reduced soon. If you have a Gold or Purple, we highly recommend using Bridge or Router Mode.
We have recently seen cases where Android 14-based devices like Pixel and Samsung had unstable Wi-Fi connections on networks using Firewalla Simple mode. This issue occurs because Firewalla Simple mode is built on a technique called ARP spoofing, and Android 14 may not respond properly when it sees a different MAC address respond to ARP queries. Learn more about Firewalla Simple mode.
If you're experiencing this issue, here are some solutions that you can try.
Solution 1: Set a static IP on your Android and set the Firewalla box IP as the gateway
- First, note down the Firewalla box IP address. You can find this in the Firewalla app by going to the box's main page, tapping the top right icon, then selecting "About," and noting the IP address.
- On your Android device, go to Settings and open the Wi-Fi settings.
- Find your home Wi-Fi network and select the edit icon (usually located at the top right corner of the screen).
- Select "Advanced Options" settings and switch to a static IP in the range of your Firewalla Primary network. (see "A" in the figure below)
- Set the current IP address of your Android as the phone's IP address and enter the Firewalla box's IP as the Gateway. (see "B" in the figure above).
Solution 2: Switch Firewalla to a mode that does not use ARP spoofing
All Firewalla boxes support DHCP mode. Switching to DHCP mode does not require changing any wiring of your network, but you may need to adjust your router settings. Learn more about DHCP mode.
Firewalla Purple and Gold Series also have Router and Bridge modes as well, and we recommend using those when possible.
See Which Firewalla Mode Should I Use? for more information.
Solution 3: Turn off monitoring for your Android
- Open the Firewalla app and go to the device list.
- Find your Android device and tap on it.
- Scroll down and disable monitoring for your Android.
Note this option means you won't see flows from the device. See this article, What happens when Monitoring is off, or Emergency Access is on?
Solution 4: Manually have the Android join the Overlay network of Firewalla (Red/Blue/Blue Plus)
Here is a guide to help you manually configure Android to join the Firewalla overlay network
Any of these solutions will resolve the issue with your Android disconnecting from Wi-Fi when using Firewalla Simple mode.
Comments
19 comments
When will there be a fix for this problem?
Solution 1 doesn't work all the time. And solution 4 has other problems in my network. And solution 3 isn't where I bought my Firewalla for.
And solution 2 I have a very expensive home network (unifi) what I use for dhcp.
Please come with a solution so Firewalla works normal with android 14.
Unfortunately, this is not something firewalla can fix. It is how the Android operating system deals with ARP spoofing.
If you own one of the Purple/Gold units, it is best to run them in router/bridge mode, these modes doesn't rely on the arp spoofing trick to grab traffic, and likely much more stable.
This is also happening with a Motorola phone. Neither option 1 nor 4 works on my Red. I just get a no Internet message. Any other tricks?
We believe the issue is related to the android operating system and arp spoofing. If none of the work around in solution 1 work for you, you should use the DHCP mode on the RED.
If you have purple or gold, the best is still router (or bridge mode), these do not rely on tricks like ARP spoofing
I just want to add for the purpose of google search, that the Samsung OneUI 6.0 update caused similar behavior with my S23 Ultra.
Followed these steps to get a stable connection again.
S23 ultra, S22 Plus and S21 are all doing this as well for me. I am using Firewalla Blue Plus at 2 different locations and now in the process of switching to Golds. Wasn't exactly what I wanted to do, but I am going to stick with it.
Also just to add, non of the steps above worked for me other than router mode.
I've also found my devices were negatively affected only if they were on a wifi6 connection.
@wh39, likely newer Android (14?) overall does not like arp spoofing used in simple mode.
As of your case, if wifi 6 connection, it can be issue with your router; did you change nay router recently?
I've unplugged my Blue+ and it will remain unplugged until this issue is resolved. I'm not going to ask every guest and family member to change their Android phone to meet my network requirements. I'm not going to turn off monitoring Android devices. The vast majority of traffic I blocked came from Android phones. And I'm not going to use DHCP mode with issues like "Our recommendation is to disable monitoring on the satellite mesh devices in the Firewalla app." What's the point of having Firewalla if it can't monitor the satellites?
@scott, the issue is not firewalla, but how Android 14 is working. Have you tried to use DHCP mode?
I did read the info above! I understand this is an Android issue. No, I did not try DHCP mode. As I said originally, I'm not going to use DHCP mode with issues like (from your website) "Our recommendation is to disable monitoring on the satellite mesh devices in the Firewalla app." What's the point of having Firewalla if it can't monitor the satellites?
Mesh AP units most of the time DO NOT send/receive traffic;
Scott, just to try to be clear, that comment from Firewalla about satellite mesh devices only applies if you are using a product like a Linksys Velop router with wirelessly connected additional access points. Only those extra access points would need DHCP disabled since the main router node manages the satellite nodes.
I would love to convert my 3-year old Red to DHCP (or upgrade to a Blue+!) but it's just not reliable - about every 4-6 months it just decides to quit working and I have to completely reload a fresh copy of the OS on the microSD card and re-import all the rules from the previous configuration.
I am equally frustrated with the situation but generally love the Firewalla product and recommend it especially to non-techie friends who want to have control of their network.
Hi,
I just updated my Samsung S22 to the latest OS update and started running into this problem.
Pls find a "real" solution to this or my firewalla's usefulness will go down a lot and I may have to quit using firewalla. Do note I have had firewalla for a few years and have loved it. But not having the ability for android phones to connect properly to my network is not feasible.
But would have to disagree with comment that it is not firewalla's problem. It is, if I turn off firewalla I can connect to wifi. Firewalla needs to find a solution that is compatible with this android change. Android and IPhone are the most popular devices in the world so things need to work with them. If not you just won't be relevant.
Samsung One UI 6.1 update Solved the problem.
I have not tested Pixel or Motorola since I don’t have either.
Great news! I'm still on 6.0. Looking forward to turning my Blue Plus back on.
Forgot I had my pixel 4. It hasn’t gotten an update since last October but it’s magically working with the same setup I’ve had with firewalla and ubiquiti. Something must have changed on the firewalla side as well. Running a SIMPLE mode setup
Jz, same for my pixel 4a. Turned monitoring back on just now and it seems stable for the moment. Also turned it on for a Pixel 6 and 7a and working for now. Something definitely changed.
Update: 4a and 6 seem to be fine but the 7a started misbehaving after a little while.
Switching from 'Simple Mode' to 'Experimental Simple Mode' instantly allowed my Android 13 devices to work again on Wi-Fi while using DHCP or Static IP.
Firewalla Purple. Box Version 1.978. Stable Release.
Using Samsung A71 5G running Android 13, One UI version 5.1.
Router: Verizon CR1000A.
Please sign in to leave a comment.