This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP Reservations Not Working

I have a Sophos UTM 220. We have four DHCP server scopes setup. 192.168.1.xx, 2.xx, 3.xx, 4.xx. The 4.xx server is designated as the guest network. We have setup network definitions for computers on the 1.xx, 2.xx, and 3.xx network. However when computers, that have a reservation on one of these networks, are turned on and log on they are getting an ip address on the guest network instead of their network definition ip address. Right now to prevent this we have to disable the guest network. Once disable the computers will get the proper ip address according to the network definition. Why is this happening? To fix it right now we are having to ipconfig /release and then ipconfig /renew. Then they get the proper ip address and work good. But later on they will once again get a ip address on the guest network. Not sure what is going on!! Please suggest.



This thread was automatically locked due to age.
Parents
  • Hi, Lawrence, and welcome to the UTM Community!

    I'm not sure what you're describing, but if you activate more than one UTM DHCP server on an Ethernet segment, you will not be successful.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • All DHCP Server are on separate Ethernet segments. What is happening is that a computer, that has a static IP address set up for it, does not pickup the assigned ip address but gets an ip address on the guest network instead. We have a rule setup to drop any connection during school hours. We have a church office and a school using the same system. Thus when a computer gets an ip address on the guest network during school hours it can not connect to the internet. Another solution for us would be to disable the guest network during school hours but I have not been able to find out how to do this other than manually disabling it during school hours. There have been instances where I forgot to re-enable it or forgot to disable it. Need an automated way to disable it.
  • If the problem devices are wired, then you have the Guest network somehow connected to your other networks. Check the DHCP log to see where the requests arrive for a guest IP by a machine with a reservation on a different segment.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • If the problem devices are wired, then you have the Guest network somehow connected to your other networks. Check the DHCP log to see where the requests arrive for a guest IP by a machine with a reservation on a different segment.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • All of the devices in question are laptops and all are connecting via wireless network. Our wireless network consist of Unifi pro AP units. All laptops are configured to obtain IP address automatically from dhcp. All laptops are setup in Sophos with a Network Host Definition static mapping.
  • In this case you must work with VLAns or separate the networks physically. Then create unique SSIDs for each network and map them to the appropriate VLAN/network. There must not be any place where the networks are connected together.
    Otherwise the fastest DHCP server wins, it's like gambling... ;-)

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • This indicates your wireless is connected somewhere to your wired network.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA