Update (31/01/2023)
Back to the drawing board. This has broken again.
I have checked that the settings in the Cloud Key are set as described below and nothing has changed. My device is set to automatic updates and unfortunately I didn't record the firmware version when I did the below; however, it is currently UCK G2 v3.0.13 (Network application version: 7.3.76) and the change log suggests this version was distributed over 2 months ago, so I am pretty certain it is not a Ubiquiti firmware update that has broken things.
Original
Following on from the "All DHCP request are blocked from port 68 -> 67" discussion by Dom Nik: not surprisingly, things have changed in the last four years, and as Sophos (unhelpfully) lock discussions, I have to start a new post in order to provide updated details.
Issue:
Devices (notably Android) intermittently fail to pick up an IP address via DHCP where the DHCP server runs on Windows (AD Integrated).
Resolution:
As pointed out by Dom Nik, one has to "Block LAN to WLAN Multicast and Broadcast Data". Today, this setting can be found on the UniFi Controller (Cloud Key):
- Go to Cloud Key > Network > Settings (Gear wheel icon, bottom left) > WiFi > {Name}.
- Next to Advanced, click Manual (1).
- Under Multicast Management click Show Options (2).
- Tick Enable for Multicast Enhancement (3).
- Tick Enable for Multicast and Broadcast Control (4).
- Under Exceptions (5), add the MAC address of the physical* NIC of the LAN (internal) interface of the XG (Firewall).
- Click Apply Changes.
* My firewall is a virtual appliance so I have added the MAC of the virtual NIC and the MAC of the physical NIC associated with the Port Group / Virtual Switch.
As mentioned, this problem is very intermittent, affecting Android devices far more than Windows, but for the last 24 hours or so, Android devices are being issued with an IP. If this changes, I'll update here (assuming the post isn't locked).
HTH