Clients don't receive an IP address from DHCP on newly created VLAN

Question

Hi! I just created a new VLAN and DHCP server with firewall rule and clients are not able to get an IP address. My goal is to have my guest WIFI network (and if I can get this working, my IoT network) on a separate VLAN. I've restarted my switch, firewall, and DHCP server, removed and re-created everything a few times but no joy. 
 
 My newly created VLAN interface: 
 
 My new network IP host: 
 
 My newly created DHCP server on the firewall for the new VLAN:

The new firewall rule to allow traffic from the 192.168.200.0 network to the WAN (placed in top position):

I have a Unifi AP connected but have also tried a wired laptop to another dedicated VLAN port on the switch with the same results: can't get an IP address 
 Thanks for any help!

dsurfer · Answer

After I put the LAN2 virtual Hyper-V NIC in trunk mode, the laptop got an IP from the VLAN 100 network and it can get out to the internet!

LHerzog · Answer

looks like IP helpers are missing on the switches so the Request does not reach the Firewall. at least not on the VLAN interface. 
 Restart the tcpdump for PortA without VLAN 200. 
 tcpdump interface PortA 'port 67 or 68 -n

LHerzog · Answer

The port needs VLAN 200 to be tagged on Switch and the XG needs the VLAN adapter for PortA with VLAN200. So far so good. If that is true, it should work. 
 If the DHCP requests arrive at the Physical interface of the XG, not the VLAN, something with the VLANs in virtual infrastructure or switch is wrong. Is that a virtual firewall? 
 Adding to my first answer: you don't need DHCP relay / helper if the XG has the DHCP Server enabled on the VLAN interface which should be true here.

Clients don't receive an IP address from DHCP on newly created VLAN

Top Replies