Solved

DHCP Errors post firewall replacement

Posted on 2013-06-28
6
271 Views
Last Modified: 2013-07-11
Hi

Ideas why i am seeing bad ip addresses in the dhcp servers at our 2nd site?

We have replaced a like for like cisco asa 5505 firewall.

Ideas?
0
Comment
Question by:CHI-LTD
  • 4
6 Comments
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39284727
0
 
LVL 17

Accepted Solution

by:
TimotiSt earned 250 total points
ID: 39284792
Configuration and firmware version are the same?
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39284840
This hasn't been setup by us, but our managed provider.

I think they copied the config from the old firewall and uploaded.  
Firmware, is newer, i think.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 250 total points
ID: 39284941
If they simply copied config, there might be default config left behind. By default the ASA's have a dhcp server configured so that you can plug in on initial boot and use the ASDM. If a simple copy paste was done, it's unlikely that there was any commands in place to remove the default DHCP server configuration. This could mean that many of your clients are receiving an IP from the firewall, and some from the server. Since the server knows nothing about the firewalls leases, all it can do is reactively mark IP's as BAD_ADDRESS meaning that it's a bad address to hand out via DHCP because a device is already using the address. Have your managed provider check if the ASA is handing out an IP it's not supposed to.

The other check you can do would be to stop the DHCP server service, and try to obtain an IP. If you do you will also see which IP is the DHCP server which can't be your server.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39289722
Ok, they have removed all dhcp rules settings on the firewall but we are still getting all ips in the scope being taken up with bad ip address...

Clients now not picking up ips...
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 39317085
Was a leftover dhcp rule and another setting (can't find link now) that caused this.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now