?
Solved

Server 2008 DHCP does not hand out IP address to wireless divices

Posted on 2014-01-08
14
Medium Priority
?
692 Views
Last Modified: 2014-02-06
Hello,

At one time we running RADIUS on our 2003 DC/DNS/DCHP server and everything worked fine.  We also have a few wireless access points that connect via WPA\TKIP and a password for guests.  Our network is one big network running on the same subnet.

When we upgraded to Server 2008(not R2) and used NPS things started acting weird on both type of access points, those using RADIUS and those just using a wireless password.  My workstation laptops connect to the wireless access points using RADIUS and Guests connect wirelessly using just a password.  The problem is if laptop is a new laptop or the laptop has not been here for an extended period of time it doesn't get an IP address on first connection.  I will get a local IP address of 192.168.x.x which we are not on.  I have manually go to the laptop and run ipconfig /release then /renew and it will get an IP address and then the laptop is works on wireless.  

This happens on both types of access points.  I've read where NPS settings needs to be set to give out an IP address via DCHP, but the problem I'm facing that I'm not only getting this problem with access points connecting via Radius, but also those that are just set up with a simple password like in a home wireless access point.  As i said it is all on the same subnet pointed to the same AD/DNS/DHCP server.   I don't understand why this problem is happening.  Laptops are running Windows 7 Pro or Enterprise. Any thoughts?
0
Comment
Question by:ozzalot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +5
14 Comments
 
LVL 15

Assisted Solution

by:Perarduaadastra
Perarduaadastra earned 668 total points
ID: 39766109
It sounds as though the laptops are picking up IP addresses from a DHCP server on another network if they're getting the wrong addresses. Perhaps someone close by has just set one up. 192.168.x.x is the default network used by everyone and his dog.

Try temporarily disabling NPS and see if things return to normal. It may be that the WAPs need tweaking to pass the NPS traffic.
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39766114
Hi

In NPS how did you configure Radius clients ?

Second, where is the 192.168.x.x coming from? It is not 'thought up' because it is a valid internal IP adress in stead of an APIPA adress which it should return when it doesnt know what IP to give you.
0
 
LVL 10

Expert Comment

by:tmoore1962
ID: 39766172
I would check the configs of the APs sounds like they may have DHCP helpers configured, is the new server's IP the same as the old server's ?  Also check and see if the AP's aren't configured to hand out dhcp from themselves
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:Lwaugh
ID: 39766180
Are your access points really access points or wireless routers?  
I've seen in plenty of businesses where someone thinks they are clever and use a wireless router as an AP and they forget to turn off DHCP on the router.  

You've definitely got another DHCP server on your network.
0
 

Author Comment

by:ozzalot
ID: 39766217
How can I found if there is another DHCP on the network?  I will check the access points, but I don't think they are routers.
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 39766257
If there is a DHCP server active on an adjacent WLAN and it's handing out addresses to anything in range, that suggests that it has no security enabled. Find out who owns that WLAN, and advise them that it would be a really good idea if they enabled WPA-PSK security on it at the very least; that would at least stop it being such a hussy...
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39766260
Check the DHCP sections in the AP, it will show you.
0
 
LVL 19

Assisted Solution

by:Jeremy Weisinger
Jeremy Weisinger earned 664 total points
ID: 39767195
I agree that there seems to be a rouge DHCP server on the network. What I would do:

- Temporarily disable your DHCP server (stop the service)
- on a workstation, release and renew the IP address (this should receive an IP address from the rouge DHCP server)
- Start the DHCP service on your DHCP server (so that it will service as many clients as it can)
- on the workstation that has the IP address from the rouge DHCP server:
-- run ipconfig/all and get the IP address of the DHCP server
-- ping the rouge DHCP server
-- run arp -a and get the MAC address of the rouge DHCP server
-- attempt to connect to the rough DHCP server using http/s (this will give you a clue as to what the device is)
-- lookup the vendor information for the MAC address: http://www.coffer.com/mac_find/
-- if you have managed switched, check the arp/mac tables to see which port the rouge DHCP server is connected to.

Following those steps should allow you to track down the rouge DHCP server.
0
 
LVL 16

Accepted Solution

by:
vivigatt earned 668 total points
ID: 39767865
Jeremy Weisinger meant a rogue DHCP server, not a rouge dhcp server !
You can very easily check if there is a rogue dhcp server, read this article:
http://blogs.technet.com/b/teamdhcp/archive/2009/07/03/rogue-dhcp-server-detection.aspx
Download RogueChecker.zip and use the tool on a computer that preferably has a static IP address in your subnet. This can be run on the dhcp server itself for instance.
0
 
LVL 19

Expert Comment

by:Jeremy Weisinger
ID: 39767913
Oops! It was late, yes, I mean rogue. :) Thanks vivigatt.
0
 

Author Comment

by:ozzalot
ID: 39776577
Sorry I haven't responded to your posts.  I've been so busy here at work.  I plan on trying to find that rogue DHCP server today and will report back my results.  Hope you guys had a good weekend.
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 39838948
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 

Author Comment

by:ozzalot
ID: 39838918
I'm sorry i didn't reply back.  I got flooded with work. I want to thank all you for your help. you were right there was a wireless switch setup with DHCP.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question