Client IP Connectivity Issues

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Client IP Connectivity Issues

L2 Linker

Hi All,

 

I have a PA-200 running Version 8.1.0 and providing DHCP addresses to about 175 clients.  The pool is a /24 and recently, the clients have been getting messages stating another device is using your computers IP address.  I've been tweaking the DHCP server settings and have set the leases to unlimited but users are still getting the duplicate IP messsage.  I wanted to see the best way to troubleshoot this from a PA perspective.

 

Thanks,

Dan

5 REPLIES 5

L2 Linker

Filtering the System Logs for "DHCP Lease', I see the attached screenshot.  It's weird that this client is trying mulitple time to acquire and DHCP reserved address.  That is a caveat I didn't mention in my first post.  There are about 30 reserved contiguous IPs and this one (.42) is one.  I'm using address groups in my policies as my source.  No USER ID or any other source object.

 

Let me know your thoughts on this.

 

Thanks,

Dan

 

DHCPLeaseIssue.jpg

Cyber Elite
Cyber Elite

@DRobinson_TIC,

Do you actually need the featureset available in 8.1? If not, I wouldn't be using this in a production environment at this time and would recommend you go back to 8.0. If the featureset is needed, you shouldn't be using 8.1.0 and I would recommend scheduling a time to upgrade to 8.1.4 (TACs current 8.1 recommendation) or 8.1.5 (Been testing this on LAB equipment and its been fine and fixes a larger number of bugs).  

There are a number of DHCP issues that have been addressed in 8.1 updates in the last five releases. If you are running 8.1 I would recommend that you at least upgrade to 8.1.4, if not 8.1.5. 

Did you actually reserve those IPs out of the pool? If you've given the DHCP server on the firewall the full /24, but some devices are already staticly defined and the firewall isn't aware of that, you'll hit this problem.

 

Instead of giving the /24 for your IP pool, you'll want to supply only the IPs that are not already reserved.  Just use a range for the first and last sets of IPs, such as:

 

192.168.1.1-192.168.1.35,192.168.1.66-192.168.1.254

 

BPry,

 

I did upgrade to 8.1.3 and will do the upgrade to .4 tonight.

 

Thanks,
Dan

GWesson,

 

I neglected to mention that.  I am not using the entire /24 in my pool as I have excluded the reserved IPs from it.  Any other thoughts?

 

Thanks,
Dan

  • 2513 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!