?
Solved

Clients are being given a DHCPNACK

Posted on 2005-03-15
15
Medium Priority
?
15,611 Views
Last Modified: 2011-08-18
My XP xlients are getting the following error in event viewer :

Event Type:      Error
Event Source:   Dhcp
Event Category:            None
Event ID:          1002
Date:                15/03/2005
Time:               09:22:30
User:                N/A
Computer:        TFWS57

Description:
The IP address lease 0.0.0.0 for the Network Card with network address 000D567D3562 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Doing an IPconfig /all i get the follwong on 2 different computers

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : domain.techforge.com
        Description . . . . . . . . . . . : Broadcom 570x Gigabit Integrated Cotroller
        Physical Address. . . . . . . . . : 00-0D-56-7D-35-62
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 0.0.0.0
        Subnet Mask . . . . . . . . . . . : 0.0.0.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 172.24.20.31
        DNS Servers . . . . . . . . . . . : 172.24.20.31
                                            172.24.20.32

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connect
ion
        Physical Address. . . . . . . . . : 00-0D-56-D1-B1-1B
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 0.0.0.0
        Subnet Mask . . . . . . . . . . . : 0.0.0.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 255.255.255.255

NOw 172.24.20.31 is the actual DHCP server.

Any help in resolving this is greatly appreciated!

0
Comment
Question by:Avatar261
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
15 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 13543243
??????
do you have a ROUTER or other network (that isnt a windows server) leasing out DHCP addresses? or do you have a router cloning/spoofing a MAC address?
0
 
LVL 2

Author Comment

by:Avatar261
ID: 13543315
have a sonicwall 4060 that does lease out IP addresses but on a 192.168.1.x range. i have disabled this but the problem still persists.

upon doing a DHCPLOC i get

dhcploc 172.24.20.83
11:08:51     NACK (IP)0.0.0.0         ***
11:08:51      ACK (IP)172.24.20.167   (S)172.24.20.31    ***
11:08:56    OFFER (IP)172.24.20.167   (S)172.24.20.31    ***
11:08:56     NACK (IP)0.0.0.0         ***
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 13543497
Considering the IP you get (0.0.0.0) and the error message itself, I'd say the DHCP server is trying to assign your client with an address which is already allocated on the network. Is this address a reserved one in your dhcp server? Is this address supposed to be assigned to a server? What subnet mask are you using in your scope (make sure this address is not the broadcast address)?

For example, if you are using the subnet mask 255.255.255.224, then this address of 172.24.20.31 is the broadcast address for your first subnet ...

Check this and let me know ...


Cheers.
0
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

 
LVL 10

Expert Comment

by:neteducation
ID: 13543905
sounds to me like your dhcp-server is out of IP-Addresses to lease out
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 13543947
Yep ... could be as well. If that's the case, a solution is to configure another scope and group both (the new one and the initial one) in a superscope.

cheers.
0
 
LVL 2

Author Comment

by:Avatar261
ID: 13544074
scope has plenty of addresses available, just checked
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13544339
Have you tried stopping and restarting the DHCP server service?
0
 
LVL 2

Author Comment

by:Avatar261
ID: 13544354
yep, tried that, i thought that would be the issue, however im starting to think there is a rogue server
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 13550766
Recalling my post ...
If you have a static address alocated, say 172.24.20.83 and then you don't exclude that address from the Dhcp pool and the additionally you reserve it for a specific network card, then that network card will never get it!!

Do you have an ICS (INternet Connection Sharing) capabilities active in your network? If you do, deactivate it as it comes with it's own built in dhcp server which might cause some problem.

Cheers.
0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 13550858
Looking more carefully ...

dhcploc 172.24.20.83
11:08:51     NACK (IP)0.0.0.0         ***
11:08:51      ACK (IP)172.24.20.167   (S)172.24.20.31    ***
11:08:56    OFFER (IP)172.24.20.167   (S)172.24.20.31    ***
11:08:56     NACK (IP)0.0.0.0         ***

According to this output I'd say 172.24.20.167 is dhcp server. But then ...

Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 0.0.0.0
        Subnet Mask . . . . . . . . . . . : 0.0.0.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 172.24.20.31
        DNS Servers . . . . . . . . . . . : 172.24.20.31

... says the dhcp server is 172.24.20.31 !!!!

So ??? Can u see the problem?
0
 
LVL 2

Author Comment

by:Avatar261
ID: 13553256
no, it means that a client with the IP address 167 has been offered an address from 31 (which is the DHCP server) however it cannot take the address as it is also being offered one from 0.0.0.0

Sorry bout late reply, only just got in this morning
0
 
LVL 2

Author Comment

by:Avatar261
ID: 13572737
hmmm, think i sorta found the issue.

what happened is we ahve a new SoinicWall 4060. I upgraded the firmware from 2.5 to 3.0 and this in turn seemed to enable o access a rogue DHCP server !?!??!?

however rolling back to the previous version seemed to cure this. However this not really a fix more a workaround.
0
 
LVL 2

Author Comment

by:Avatar261
ID: 13715856
After long winded time with Sonicwall it turns out to be a fulty firmware version. Upon upgrading to their newest version. All is fine now.
0
 

Accepted Solution

by:
PAQ_Man earned 0 total points
ID: 14152118
PAQed with points refunded (500)

PAQ_Man
Community Support Moderator
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question