I have a PA-200 running Version 8.1.0 and providing DHCP addresses to about 175 clients. The pool is a /24 and recently, the clients have been getting messages stating another device is using your computers IP address. I've been tweaking the DHCP server settings and have set the leases to unlimited but users are still getting the duplicate IP messsage. I wanted to see the best way to troubleshoot this from a PA perspective.
Filtering the System Logs for "DHCP Lease', I see the attached screenshot. It's weird that this client is trying mulitple time to acquire and DHCP reserved address. That is a caveat I didn't mention in my first post. There are about 30 reserved contiguous IPs and this one (.42) is one. I'm using address groups in my policies as my source. No USER ID or any other source object.
Let me know your thoughts on this.
Do you actually need the featureset available in 8.1? If not, I wouldn't be using this in a production environment at this time and would recommend you go back to 8.0. If the featureset is needed, you shouldn't be using 8.1.0 and I would recommend scheduling a time to upgrade to 8.1.4 (TACs current 8.1 recommendation) or 8.1.5 (Been testing this on LAB equipment and its been fine and fixes a larger number of bugs).
There are a number of DHCP issues that have been addressed in 8.1 updates in the last five releases. If you are running 8.1 I would recommend that you at least upgrade to 8.1.4, if not 8.1.5.
Did you actually reserve those IPs out of the pool? If you've given the DHCP server on the firewall the full /24, but some devices are already staticly defined and the firewall isn't aware of that, you'll hit this problem.
Instead of giving the /24 for your IP pool, you'll want to supply only the IPs that are not already reserved. Just use a range for the first and last sets of IPs, such as:
I neglected to mention that. I am not using the entire /24 in my pool as I have excluded the reserved IPs from it. Any other thoughts?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!