Firewall Assigns Incorrect Subnet Mask to DHCP Clients

Firewall Assigns Incorrect Subnet Mask to DHCP Clients

0
Created On 09/26/18 13:54 PM - Last Modified 07/19/22 23:11 PM


Resolution


Symptom

The firewall sometimes allocates a different subnet mask than the one configured in the DHCP server setting.

 

Cause

The firewall allocates the subnet mask of the primary IP address on the DHCP interface to the addresses it leases out.

For example, the firewall below has been configured with an interface IP of 10.100.200.32/32 while the DHCP server on that interface has been configured with a pool of 10.100.200.0/24.

DHCP-interface.PNG

DHCP-config.PNG

 

The wireshark capture below shows a DHCP offer with a mask of 0.0.0.0 instead of 255.255.255.0.

DHCP subnet mask.PNG

 

owner: tasonibare
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClzKCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail