Client IP Connectivity Issues

Reply
L2 Linker

Client IP Connectivity Issues

Hi All,

 

I have a PA-200 running Version 8.1.0 and providing DHCP addresses to about 175 clients.  The pool is a /24 and recently, the clients have been getting messages stating another device is using your computers IP address.  I've been tweaking the DHCP server settings and have set the leases to unlimited but users are still getting the duplicate IP messsage.  I wanted to see the best way to troubleshoot this from a PA perspective.

 

Thanks,

Dan

L2 Linker

Re: Client IP Connectivity Issues

Filtering the System Logs for "DHCP Lease', I see the attached screenshot.  It's weird that this client is trying mulitple time to acquire and DHCP reserved address.  That is a caveat I didn't mention in my first post.  There are about 30 reserved contiguous IPs and this one (.42) is one.  I'm using address groups in my policies as my source.  No USER ID or any other source object.

 

Let me know your thoughts on this.

 

Thanks,

Dan

 

DHCPLeaseIssue.jpg

L7 Applicator

Re: Client IP Connectivity Issues

@DRobinson_TIC,

Do you actually need the featureset available in 8.1? If not, I wouldn't be using this in a production environment at this time and would recommend you go back to 8.0. If the featureset is needed, you shouldn't be using 8.1.0 and I would recommend scheduling a time to upgrade to 8.1.4 (TACs current 8.1 recommendation) or 8.1.5 (Been testing this on LAB equipment and its been fine and fixes a larger number of bugs).  

There are a number of DHCP issues that have been addressed in 8.1 updates in the last five releases. If you are running 8.1 I would recommend that you at least upgrade to 8.1.4, if not 8.1.5. 

L7 Applicator

Re: Client IP Connectivity Issues

Did you actually reserve those IPs out of the pool? If you've given the DHCP server on the firewall the full /24, but some devices are already staticly defined and the firewall isn't aware of that, you'll hit this problem.

 

Instead of giving the /24 for your IP pool, you'll want to supply only the IPs that are not already reserved.  Just use a range for the first and last sets of IPs, such as:

 

192.168.1.1-192.168.1.35,192.168.1.66-192.168.1.254

 

L2 Linker

Re: Client IP Connectivity Issues

BPry,

 

I did upgrade to 8.1.3 and will do the upgrade to .4 tonight.

 

Thanks,
Dan

L2 Linker

Re: Client IP Connectivity Issues

GWesson,

 

I neglected to mention that.  I am not using the entire /24 in my pool as I have excluded the reserved IPs from it.  Any other thoughts?

 

Thanks,
Dan

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!