WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. Check out this quarters report on the threats that shook the industry in Q4 2017.
Computers are getting IP address outside our DHCP range
I have our DHCP address range set to 172.18.1.12 - 150. However, two of the computers have IP address past this range. Why would this happen?
Who is Participating?
That looks like you have configured them with:
1) Static IP address
2) MAC address reservation is set up
3) The old DHCP server with the old scope is still active
4) IP address is 169.254.x.y/16 (APIPA) that means no connection to DHCP server
Can you verify that, please ?
Regards,
Krzysztof
1) Static IP address
2) MAC address reservation is set up
3) The old DHCP server with the old scope is still active
4) IP address is 169.254.x.y/16 (APIPA) that means no connection to DHCP server
Can you verify that, please ?
Regards,
Krzysztof
That isn't a private IP address space, and so the addresses are routable.
I would suggest changing your internal LAN addressing to 172.16.x.x, which is a private address space. If the problem persists with the new addressing, you know that it is something on your LAN that's causing it.
I would suggest changing your internal LAN addressing to 172.16.x.x, which is a private address space. If the problem persists with the new addressing, you know that it is something on your LAN that's causing it.
What Ip addresses are they getting?
Are they getting a 169.254.x.x number?
If so they are not finding the DHCP server
If they have vailid ip addresses then they may be manually configured.
What OS are the computers?
Are they getting a 169.254.x.x number?
If so they are not finding the DHCP server
If they have vailid ip addresses then they may be manually configured.
What OS are the computers?
When I run Ipconfig /all they both are pointing to a DHCP server that is incorrect. one is getting 172.18.1.50 and the other is .51. Our DHCP server is 172.18.1.8
Let's find out who the .50 and .51 devices are, since those devices are apparently handing out DHCP addresses.
Try to use this simple and free tool to discover rogue DHCP servers
http://blogs.technet.com/b/teamdhcp/archive/2009/07/03/rogue-dhcp-server-detection.aspx
Krzysztof
http://blogs.technet.com/b/teamdhcp/archive/2009/07/03/rogue-dhcp-server-detection.aspx
Krzysztof
what happens when you ping 172.18.1.18 from these two computers?
on the dhcp server check what the mac addresses are for .50 and .51 and compare them to the computers ipconfig /all
post results
on the dhcp server check what the mac addresses are for .50 and .51 and compare them to the computers ipconfig /all
post results
I can ping 172.18.1.8. Also on the DHCP server 172.18.1.50/51 are in the excluded range.
When I ran the Rogue detection it finds our correct DHCP server as a Rogue server and it finds the 172.18.1.50/51
When I ran the Rogue detection it finds our correct DHCP server as a Rogue server and it finds the 172.18.1.50/51
Check if you have no DHCP running on any router device or if there is no DHCP emulation software installed. Just check MAC address of those devices and check the manufacturer
Krzysztof
Krzysztof
I just typed 172.18.1.50 in IE and found out what it is. It is our Wireless Adhoc device that is supposed to assign IP to wireless devices outside of our DHCP range.
So the question now becomes how do I get the two computers back on the proper DHCP server?
So the question now becomes how do I get the two computers back on the proper DHCP server?
You can't :) Mostly (in 99%) the first DHCP reply is accepted by client. You need to implement VLANs and IPHelper to separate DHCP broadcast traffic
Krzysztof
Krzysztof
One problem is you have more than one DHCP server on the same subnet. Not a good practice. If you do that you have to be very carefull of the ranges you are using.
What are the settings on your wireless router? comapre them to your dhcp server.
ipconfig /release then ipconfig /renew on the computers after you gt the dhcp ranges squared away.
What are the settings on your wireless router? comapre them to your dhcp server.
ipconfig /release then ipconfig /renew on the computers after you gt the dhcp ranges squared away.
Until I can get the company out here to reconfigure the wireless device, what problems can this create?
I'll post later, off to a meeting. Thanks
I'll post later, off to a meeting. Thanks
If .50 and .51 are giving out different DHCP options (default gateway, DNS servers, etc.) from the ones being given out by the "real" DHCP server, machines receiving DHCP addresses from them could have trouble accessing other resources on the network. If those options are the same, then you may not experience any issues at all unless, for example, you've got firewall rules restricting access based on IP ranges.
Also, a minor point of correction on an earlier respose:
Also, a minor point of correction on an earlier respose:
That isn't a private IP address space, and so the addresses are routable.172.16.0.0/12, which includes everything from 172.16.0.0 to 172.31.255.255, is private, so you're fine in that regard.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month10 days, 21 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
Are these computers addressed statically?