Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 21 replies
  • Answers 3 answers
  • Subscribers 41 subscribers
  • Views 5153 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP Configuration Issue on Sophos XG 125 Firewall

Fabien Lion

Hi all, sorry for my english, I’m french.

When adding a separate Wireless Networks for Guests, I'm having a problem with the DHCP configuration on my Sophos XG125 Firewall and I'm hoping someone can help me.

Background : I created a different SSID in Separate Zone for guest access with a Sophos XG125 Firewall in my network with Sophos APX320 access points. I also configured DHCP service.

Problem : However, the devices do not appear to receive IP addresses. There are the details of my configuration :

  • IP address range: 10.17.10.50 to 10.17.10.100
  • Subnet Mask: 255.255.255.0
  • Gateway: 10.17.10.254
  • DNS Server: 8.8.8.8

What I tried :

  • Restart the DHCP service on the Sophos.
  • Using the previous firmware (SFOS 19.5.1 MR-2-Build624)
  • Test with a different device to see if the problem persists.
  • Restore to factory configuration (but same problem with default Guest SSID).

Questions :

  1. Are there any additional settings I should check ?
  2. Are there any logs on Sophos that could help me diagnose the problem ?
  3. Is this an existing bug due to the firmware/access points ?

Problems:

  • I have SFOS 19.5.2 MR-2-Build624 firmware and I can't update it (I don’t have a valid support subscription).

Thank you in advance for your help!

SSID Settings:

DHCP Settings:



This thread was automatically locked due to age.
Parents
  • 0

    Hello,

    I am considering that it is flat network without L3 in place. From Port1 - you must have switch connected and later it connects the APX. The APX must be receiving the IP addresses from the range 192.168.6.254. When we create the separate zone it creates logical interface and for which you have assigned the IP range as 10.17.10.254/24 and DHCP exist for that.

    Please login to the firewall CLI and go to option number 5 and 3, and execute below commands while trying to receive the IP from DHCP in two different CLI.

    #tcpdump -vvnei any port 67 or port 68

    #drppkt port 67 or port 68

    Kindly review if there is DHCP request on the firewall from the PCs MAC address or not.

    Mayur Makvana
    Technical Account Manager | Global Customer Experience
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Mayur Makvana

    Hi and thanks for your help,

    I tried both of your commands simultaneously but the firewall does not receive any DHCP request for the MAC address of the PC I am trying to connect to.

  • 0 in reply to Fabien Lion

    please show the "hardware" of the SSID as asked above and also the APX shown as online Access Point.

    Can you be sure, that you are connected with this AP and not some other AP with the same SSID?

    Have you re-saved the SSID?
    You could also try to delete and recreate the DHCP Server manually. Thats what I'd do.

Reply Children
Unfiltered HTML