Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 11 replies
  • Subscribers 5 subscribers
  • Views 10345 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP service offering DHCP packets on other interface...

sratson

I have a network setup with the main LAN on interface eth2 with a DHCP server on the network, and a separate wireless LAN on eth3 with the UTM offering DHCP for that interface. The only thing attached to that IF is a Wireless AP (Not sophos). For some reason, the UTM is offering DHCP addresses on the eth2 IF conflicting with the main LAN DHCP server. This causes issues since the traffic in the WLAN subnet is not allowed to talk to the LAN subnet in the firewall rules, which is working, but people that should be on LAN are not getting LAN IPs all the time.

Any ideas? Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    DHCP server log:

    2016:10:08-13:43:39 grrs dhcpd: DHCPDISCOVER from 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:43:40 grrs dhcpd: DHCPOFFER on 192.168.10.20 to 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:43:49 grrs dhcpd: DHCPDISCOVER from 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:43:49 grrs dhcpd: DHCPOFFER on 192.168.10.20 to 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:43:57 grrs dhcpd: DHCPDISCOVER from 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:43:57 grrs dhcpd: DHCPOFFER on 192.168.10.20 to 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:44:22 grrs dhcpd: DHCPDISCOVER from 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:44:22 grrs dhcpd: DHCPOFFER on 192.168.10.20 to 31:32:33:34:35:36 (ROGUE) via eth3
    2016:10:08-13:44:26 grrs dhcpd: DHCPINFORM from 150.147.159.117 via eth3: unknown subnet for client address 150.147.159.117
    2016:10:08-13:45:41 grrs dhcpd: DHCPINFORM from 150.147.159.117 via eth3: unknown subnet for client address 150.147.159.117
    2016:10:08-13:46:23 grrs dhcpd: DHCPINFORM from 150.147.159.103 via eth3: unknown subnet for client address 150.147.159.103

    Eth3 is the wifi interface

    P:\Utils>dhcploc -p 150.147.159.204
    13:44:22    OFFER (IP)150.147.159.63  (S)150.147.159.204 ***
    13:44:22    OFFER (IP)192.168.10.20   (S)192.168.10.1    ***

    run from a server on the eth2 interface

    192.168.10.1 is the eth3 gateway address on the UTM. 150.147.159.204 is the DHCP server on the eth2 subnet.

  • +1 in reply to sratson

    You definitely have an Ethernet segmentation problem.  Maybe someone has plugged a wireless home router into your network?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • +1 in reply to sratson

    You definitely have an Ethernet segmentation problem.  Maybe someone has plugged a wireless home router into your network?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Bob: Turns out you were right... I found a trunk connection behind the switch I am using for the public wifi network that was connected to one of the other Lan switches. After unplugging it, the problem went away. What a relief...

    Thanks.

    Scott

Unfiltered HTML