Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 860
  • Last Modified:

BAD ADDRESS on DHCP server

Hello experts,
I have a problem with my SBS 2008 server that has the DHCP full of BAD ADDRESS and its causing me problems getting the computers and IP Phones registered on the network.
I already did a couple of things,
I run Scavenging on DNS
Lower the release time on DHCP to 1 day
Erase the BAD ADDRESS records (but they appear contantly)
I create a exclusion range to manually register computers and phones

Maybe im missing something because I still have the issue. I just install a Fortiwifi 60D but the DNS and DHCP are controlled by the server. Im not sure if is a right practice to Enable DHCP on the Fortinet and run from there or leave it on the server.

I will appreciate your comments
0
miguelitx
Asked:
miguelitx
  • 4
  • 4
  • 4
  • +2
3 Solutions
 
Paul MacDonaldDirector, Information SystemsCommented:
Are any DHCP clients multi-homed?  That is, are any of your machines connected to more than one network?

is it possible you have another DHCP server on your network?  Perhaps the Fortiwifi 60D has its DHCP server enabled?
0
 
miguelitxAuthor Commented:
I double check the Fotiwifi and does not have dhcp enable. What are you meaning by multi-homed?
0
 
Paul MacDonaldDirector, Information SystemsCommented:
Multi-homed means the machine is connected to more than one network at a time.  Some machines may have their own Internet connection, or a laptop may be connected to a wired network and a wireless network at the same time.  

If you run IPCONFIG /ALL you'll get a list of network interfaces and their configuration.  You should be able to tell from that if any client is multi-homed.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
UnHeardOfCommented:
Before a dhcp server will issue a client an ip, it will attempt to ping the ip address to make sure its not used. If the the dhcp server receives a ping response it will mark the address as "bad address". Either these ip's are statically assigned to clients or you have another dhcp server that is handing the ip's out. I would double check the fortinet. If your running software version 5.x review the interfaces to see if dhcp is enabled.
0
 
UnHeardOfCommented:
To test to see if you have another dhcp server. Disable the dhcp scope on the microsoft server and then on a client do an ipconfig /release and renew to see if you grab an address. If you do, run an ipconfig /all and you'll see the ip of the dhcp server that issued you an ip.
0
 
Paul MacDonaldDirector, Information SystemsCommented:
"Before a dhcp server will issue a client an ip, it will attempt to ping the ip address to make sure its not used."

I've never heard of this [UnHeardOf] (no pun intended).  Can you post a link to a source that describes that behavior?
0
 
Paul MacDonaldDirector, Information SystemsCommented:
Thanks guys!
0
 
miguelitxAuthor Commented:
Hi guys, thanks
DHCP is not enable in Fortinet. I will disable the dhcp scope to test it out
0
 
myramuCommented:
Hi,

We are using DHCP in Fortigate and it works pretty well. We have more than 500 clients and using Fortigate800.

Good Luck!
0
 
myramuCommented:
If there any IP conflict, FortiGate DHCP can block that IP for specific time.

Good Luck!
0
 
miguelitxAuthor Commented:
I need to enable DHCP on Fortinet because the problem persist. Now the Fortinet is the DHCP.

Thanks guys
0
 
UnHeardOfCommented:
If any of your clients are running a firewall then they would block the ping request from the dhcp server which would think the ip is available which would lead to the bad address entries.
0
 
miguelitxAuthor Commented:
Thanks for the posts, helps me find a way to solve the issue.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 4
  • 4
  • 4
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now