DHCP lease removed due to conflict

Forum|Forum|12 years ago
January 24, 2014
2 replies
14528 views

Hi, 60c v4.0,build0521,120313 (MR3 Patch 6) this morning acting up, any new devices that connect are been issued an ip address, any devices that have connected before and lease time still active when connecting now dhcp monitor showing the lease with status Removed due to conflict. Also just noticed in dhcp multiple entries for same mac address of devices trying to connect. Any one any ideas. Thanks in advance. Declan

g3rman

New Member

This usually happens when there is a rogue DHCP server on the network that assigns IP addresses from the same range.

emnoc

New Member

Agreed If you have a switch that supports dhcp-snooping, I would deploy it and enable all ports untrusted except the one that connects to the fortigate. You can track the rogue dhcp-server by issuing ipconfig /all ( windows ) or ipconfig getpacket ( macosx ) and look at the dhcp-server ip_address and try it locate it via the layer2 address. Good luck and also wish that fortigate would provide this simple layer2 security feature of dhcp-snooping on internal switch models of the fortigate. But with the limited number of ports, it' s quite easy to find a directly attached rogue dhcp-server

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded