Sorry to hear that, my problem is resolved so you may be hitting another bug.
Maybe try to sniff DHCP (udp 67 and udp 68) traffic for some time and try to correlate this with you PA system log entries. If possible don't use the PA to sniff but for example wireshark, as it *may* be that this kind of traffic (directed to/from PA as well as broadcast) doesn't all show up in the PA captures.
Guess not, no service route configured here and it's working correctly. No DHCP service route exists in the config.
The Palo Alto is sending the request via the "Data Plane" interface that has dhcp client configured.
Hello, we have addressed two issues in PAN-OS 4.1.10 which I believe may be affecting you. Here are the relevant details from the addressed issues section of the 4.1.10 release notes:
• 46477 – The DHCP client on the firewall was sending an invalid option (option 54) in its renewal requests, causing the DHCP server to ignore the requests. This issue has been resolved.
• 40137 – The firewall was not able to renew its DCHP settings with certain ISP network connections. In this case, a Verizon FiOS connection was in place and during a DHCP refresh that occurred every hour, the request timed out. Issue was due to an interoperability problem between the firewall’s DHCP client and the DHCP services on the ISP network, which has been resolved in this release.
I recommend upgrading to PAN-OS 4.1.10.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!