User PC inheriting the wrong domain

The DHCP gateway is configured as follows:
ip dhcp excluded-address 10.1.25.62

!
ip dhcp pool UserVlan
 network 10.1.25.0 255.255.255.192
 default-router 10.1.25.1 
 dns-server 10.1.2.11 10.1.29.12 
 domain-name corporate.local
!

!
ip dhcp pool GuestVlAN
 network 10.1.29.0 255.255.255.0
 default-router 10.1.29.1 
 dns-server 8.8.8.8 8.8.4.4 
!

Open in new window


a user is configured with the following static setup:
IP: 10.1.25.62
Mask: 255.255.255.192
DG: 10.1.25.1
PDNS: 10.1.2.11
SDNS: 10.1.29.12

The user then is granted access on the Guest Vlan.
The user switchport is setup as follows:
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 ip arp inspection trust
 spanning-tree portfast

Open in new window


Why is the user allowed on the GuestVlan instead of the UserVlan?!
Christoforos AcadjiotisSystems and Network AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

kevinhsiehCommented:
The switch is configured to use VLAN 10, which looks like your user vlan. It's doing exactly what the configuration says.
Craig BeckCommented:
Your config isn't clear in that we can't see what VLANs are configured with each IP range.  You've configured the client with a static IP, so we haven't proven the DHCP or access VLAN.

There's a couple of things I'd call wrong, too.  You've got ip arp inspection trust on the user port.  You should only put that on a link between your switches.  You're not actually enforcing ARP inspection as you have it now.  As well as that you've excluded the IP that you've assigned statically to the host, but not the address of the router.  You need to exclude the address of the router from the DHCP scope.

If you could show us the SVI config for each of the user and guest VLANs we can probably help a bit more.
AkinsdNetwork AdministratorCommented:
In addition to experts comments above, I noticed the following comments in your description, and reversed the sequence
Why is the user allowed on the GuestVlan instead of the UserVlan?!
The user then is granted access on the Guest Vlan

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Christoforos AcadjiotisSystems and Network AdministratorAuthor Commented:
Problem solved.
Thanks experts!
Craig BeckCommented:
Why did you mark the chosen answer as "the answer"?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DHCP

From novice to tech pro — start learning today.