asked on VLAN DHCP - Slow to issue addresses
Scenario:-
2 x NetGear GS748TPS switches (stacked mode)
1 x Watchguard XTM515 Firewall
14 x Watchguard AP200 Wireless Access Points
4 VLANs - ID 1 (default), ID 200 (Customer Wi-Fi), ID 300 (Customer LAN), ID 700 (IP Phones).
VLAN 1 is the default and is used by most PCs in the office. There is a Windows 2012 Server with DHCP server providing IPs in the 192.168.0.x/24 range to the machines on the network.
VLANs 200 and 300 are configured on the Watchguard Firewall, and it is the Watchguard Firewall that is providing DHCP to these two VLANs.
VLAN 200 is available only to devices connected to the AP200s. DHCP leases are in the 192.168.100.x/24 range. This VLAN and DHCP is working as expected.
VLAN 300 is to be assigned to any computer that plugs in to one of six sockets in the building. The ports on the switch that these six sockets are patched in to, have the PVID set to 300, and the VLAN membership has these ports as Untagged on VLAN 300. DHCP leases are in the 192.168.101.x/24 range.
When a machine connects to any one of these six sockets, it takes approximately 2 minutes for an IP address to get allocated. This is unacceptable, but I don't know how I can diagnose this.
Port 3 on the Watchguard Firewall is an Optional interface, and is for VLAN 200 and VLAN 300. I cannot plug a computer directly into port 3 of the Watchguard because I can't tag the VLAN traffic at the computer end, nor can I do it directly on the Watchguard.
Any ideas on how to diagnose, and ultimately resolve this problem would be greatly appreciated.
2 x NetGear GS748TPS switches (stacked mode)
1 x Watchguard XTM515 Firewall
14 x Watchguard AP200 Wireless Access Points
4 VLANs - ID 1 (default), ID 200 (Customer Wi-Fi), ID 300 (Customer LAN), ID 700 (IP Phones).
VLAN 1 is the default and is used by most PCs in the office. There is a Windows 2012 Server with DHCP server providing IPs in the 192.168.0.x/24 range to the machines on the network.
VLANs 200 and 300 are configured on the Watchguard Firewall, and it is the Watchguard Firewall that is providing DHCP to these two VLANs.
VLAN 200 is available only to devices connected to the AP200s. DHCP leases are in the 192.168.100.x/24 range. This VLAN and DHCP is working as expected.
VLAN 300 is to be assigned to any computer that plugs in to one of six sockets in the building. The ports on the switch that these six sockets are patched in to, have the PVID set to 300, and the VLAN membership has these ports as Untagged on VLAN 300. DHCP leases are in the 192.168.101.x/24 range.
When a machine connects to any one of these six sockets, it takes approximately 2 minutes for an IP address to get allocated. This is unacceptable, but I don't know how I can diagnose this.
Port 3 on the Watchguard Firewall is an Optional interface, and is for VLAN 200 and VLAN 300. I cannot plug a computer directly into port 3 of the Watchguard because I can't tag the VLAN traffic at the computer end, nor can I do it directly on the Watchguard.
Any ideas on how to diagnose, and ultimately resolve this problem would be greatly appreciated.
DHCPSwitches / HubsHardware Firewalls
Last Comment
Shane McKeown
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
We all learn something new each day...thanks for the update!
Thank you.