Our Sophos UTM SG135 Release 9.711-5 currently does not assign DHCP adresses to devices on a certain Wifi network (sperate zone, only access to Internet, no access to other networks).
Devices only get APIPA adresses in the end, strangely a tcdump shows that no packets for dhcp negotiation were received.
Assigning proper IP adresses (from the pool of the adresses which the DHCP server should assign) to the devices on the devices by hand is working, Wifi connection works as intended.
The Wifi network is assign to AP15.
We already tried:
These are our settings, for DHCP server, the Wifi itself and the corresponding Firewall rule:
What are your DHCP logs showing you? Are you sure that you aren't using this scope elsewhere?
UTM - 9.713-19 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz 16GB Memory | 500GB SATA HDD | GB Ethernet x5
DHCP logs
deactivation of DHCP server for RG-wlan-Handy:
2022:08:12-08:08:28 nl-ost dhcpd: Internet Systems Consortium DHCP Server 4.4.1 2022:08:12-08:08:28 nl-ost dhcpd: Copyright 2004-2018 Internet Systems Consortium. 2022:08:12-08:08:28 nl-ost dhcpd: All rights reserved. 2022:08:12-08:08:28 nl-ost dhcpd: For info, please visit https://www.isc.org/software/dhcp/ 2022:08:12-08:08:28 nl-ost dhcpd: Config file: /etc/dhcpd.conf 2022:08:12-08:08:28 nl-ost dhcpd: Database file: /var/state/dhcp/dhcpd.leases 2022:08:12-08:08:28 nl-ost dhcpd: PID file: /var/run/dhcpd.pid 2022:08:12-08:08:28 nl-ost dhcpd: Internet Systems Consortium DHCP Server 4.4.1 2022:08:12-08:08:28 nl-ost dhcpd: Copyright 2004-2018 Internet Systems Consortium. 2022:08:12-08:08:28 nl-ost dhcpd: All rights reserved. 2022:08:12-08:08:28 nl-ost dhcpd: For info, please visit https://www.isc.org/software/dhcp/ 2022:08:12-08:08:28 nl-ost dhcpd: Wrote 0 leases to leases file. 2022:08:12-08:08:28 nl-ost dhcpd: Listening on LPF/wlan3/00:1a:8c:0a:54:03/192.168.18.0/24 2022:08:12-08:08:28 nl-ost dhcpd: Sending on LPF/wlan3/00:1a:8c:0a:54:03/192.168.18.0/24 2022:08:12-08:08:28 nl-ost dhcpd: Listening on LPF/wlan0/00:1a:8c:0a:0f:00/192.168.16.0/24 2022:08:12-08:08:28 nl-ost dhcpd: Sending on LPF/wlan0/00:1a:8c:0a:0f:00/192.168.16.0/24 2022:08:12-08:08:28 nl-ost dhcpd: Sending on Socket/fallback/fallback-net 2022:08:12-08:08:28 nl-ost dhcpd: Server starting service.
reactivation of DHCP server for RG-wlan-Handy:
2022:08:12-08:09:18 nl-ost dhcpd: Internet Systems Consortium DHCP Server 4.4.1 2022:08:12-08:09:18 nl-ost dhcpd: Copyright 2004-2018 Internet Systems Consortium. 2022:08:12-08:09:18 nl-ost dhcpd: All rights reserved. 2022:08:12-08:09:18 nl-ost dhcpd: For info, please visit https://www.isc.org/software/dhcp/ 2022:08:12-08:09:18 nl-ost dhcpd: Config file: /etc/dhcpd.conf 2022:08:12-08:09:18 nl-ost dhcpd: Database file: /var/state/dhcp/dhcpd.leases 2022:08:12-08:09:18 nl-ost dhcpd: PID file: /var/run/dhcpd.pid 2022:08:12-08:09:18 nl-ost dhcpd: Internet Systems Consortium DHCP Server 4.4.1 2022:08:12-08:09:18 nl-ost dhcpd: Copyright 2004-2018 Internet Systems Consortium. 2022:08:12-08:09:18 nl-ost dhcpd: All rights reserved. 2022:08:12-08:09:18 nl-ost dhcpd: For info, please visit https://www.isc.org/software/dhcp/ 2022:08:12-08:09:18 nl-ost dhcpd: Wrote 0 leases to leases file. 2022:08:12-08:09:18 nl-ost dhcpd: Listening on LPF/wlan3/00:1a:8c:0a:54:03/192.168.18.0/24 2022:08:12-08:09:18 nl-ost dhcpd: Sending on LPF/wlan3/00:1a:8c:0a:54:03/192.168.18.0/24 2022:08:12-08:09:18 nl-ost dhcpd: Listening on LPF/wlan2/00:1a:8c:0a:3f:02/192.168.12.0/24 2022:08:12-08:09:18 nl-ost dhcpd: Sending on LPF/wlan2/00:1a:8c:0a:3f:02/192.168.12.0/24 2022:08:12-08:09:18 nl-ost dhcpd: Listening on LPF/wlan0/00:1a:8c:0a:0f:00/192.168.16.0/24 2022:08:12-08:09:18 nl-ost dhcpd: Sending on LPF/wlan0/00:1a:8c:0a:0f:00/192.168.16.0/24 2022:08:12-08:09:18 nl-ost dhcpd: Sending on Socket/fallback/fallback-net 2022:08:12-08:09:18 nl-ost dhcpd: Server starting service.
Connecting a wifi client to RG-wlan-Handy: -> no entries in the log
seemingly the clients dont even try to get an adress or the packets get dropped on the way to the DHCP but the firewall log does not show that.
We also disabled IPS but that did not help either.
This wifi, with the same name and same configuration, is used on other APs and firewalls throughout our company on several different physical locations for ease of use, these work without a problem. Clients trying to connect to the malfunctioning wifi have never been connected to those other wifis.
Another thing we found later in the log:
2022:08:12-08:48:37 nl-ost dhcpd: Server starting service.
#2022:08:12-08:48:54 nl-ost dhcpd: receive_packet failed on wlan3: Network is down
2022:08:12-08:48:54 nl-ost dhcpd: receive_packet failed on wlan2: Network is down
2022:08:12-08:48:54 nl-ost dhcpd: receive_packet failed on wlan0: Network is down
But the network is not reported as down, at least not in the network UI.
Are there DHCP-reservations within another lease ... for the non-working devices?There is/was a problem with XG related to this problem... Possible with SG too..
Dirk
Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum PartnerSophos Solution Partner since 2003 If a post solves your question, click the 'Verify Answer' link at this post.
Test notebook has a DHCP reservation for the other non-wifi NIC but none for that wifi NIC. Problem is not confined to one device, it is for all devices wether they are notebooks, smartphones with no earlier connection to that wifi or any company wifi.
I wonder if this could be related to being in the Separate Zone configuration and MTU settings on endpoint devices, like we were discussing HERE.
we neither use unmanaged switches nor UTM on AWS. Would be great if I had an idea on how to tell an iPhone or guest user to change their MTU before they can use the wifi.