dhcp static mapping not working

version 9.353-4  on a sophos 220

we have dhcp scopes set  with the tick box   "Clients with static mappings only"

we have hosts defined in definitions and userss >network defintions 

the dhcp is giving out the ip addresses reserved for static hosts

so 2 problems

1. the rule static mappings only is not working

2. it is ignoring the static mappings also

  • In reply to Jaydeep:

    In fact, plecavalier has more experience with ASG/UTM than I do, so this discussion has really been beneficial.

    When one clicks the [Make Static] button on the 'IPv4 Lease Table' tab, there should be a check that the IP to be used is outside the 'DHCP Range' listed.  Prior to that button existing, we just used the regular Host definition process, but that's probably more difficult.  Even then, a quick check to see if the assigned IP is in any DHCP range would seem to be easy.  For example, I just got the following:

    secure:/root # cc get_objects dhcp server|grep \'range
                            'range_end' => '172.16.31.110',
                            'range_start' => '172.16.31.101',
                            'range_end' => '192.168.66.254',
                            'range_start' => '192.168.66.100',
                            'range_end' => '10.100.100.63',
                            'range_start' => '10.100.100.40',
                            'range_end' => '172.16.2.199',
                            'range_start' => '172.16.2.100',

    Cheers - Bob

  • In reply to Jaydeep:

    Thanks again for the detailed response JayDeep. I'm assuming you meant "that option if not available".

     

    I've had a bit of time to play with this now and 2 things come to mind...This is all based on the premise that static mappings and DHCP are best practice for a dynamic network environment.

    1. When creating a host with an assigned IP, the system should check if that IP is already assigned or not. In a large scale network even though you can search and sort host definitions, it is prone to human error and therefore proper rudemantory checks by the system during creation should be performed.

    1.1 one should not be able to create a host with an IP within a dynamic range

    1.2 one should not be able to create a host with an IP matching an existing static mapping

  • In reply to plecavalier:

    Please add your suggestion to Check the DHCP server's 'Range' when creating a Host with Static IP and vote for that.  Others that pass by here should add a comment and a vote.

    Cheers - Bob