This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Reject Network Connections with DHCP problem

I assume we have the same problem as described in this thread, but since that one is closed I cannot add any comments to it.

We have recently added Intercept-X to our servers where we already had it to our clients for quite some time. Our DHCP server is on the Excluded list but still we have a lot of (mostly laptops) that don't get an IP-address from the server.

Server has many entries in Events tab 'Acces request from computer ### denied because it may be unsafe.

What I think might happen is that a laptop trying to connect to the network will send out a DHCP request, but at the same time it may not be obvious for the XG-firewall that this system has a good health, so the firewall sees this DHCP request without having seen a "green" heartbeat signal. In turn the firewall instructs every other system not to accept traffic from t his client including the DHCP-server. So the DHCP server simply drops the request and no DHCP-offer is made.

The server is on the exclusion list, but the client is not (and we don't want to include all clients there, because then we could just switch off this feature alltogether).

Is there any way to instruct the DHCP-server to always allow DHCP traffic from every client regardless of the assumed health status of a client?



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    To clarify:

    1) are the clients and the DHCP server in the same subnet? or is the DHCP traffic transiting across the firewall?

    2) do you have a minimum health set in the sfos firewall rule that controls this traffic?

Reply
  • FormerMember
    0 FormerMember

    To clarify:

    1) are the clients and the DHCP server in the same subnet? or is the DHCP traffic transiting across the firewall?

    2) do you have a minimum health set in the sfos firewall rule that controls this traffic?

Children