bainwave
New Member
December 8, 2012
Question

Internal1 mac address creating IP Conflict

Hello All,

I have a Fortigate 80C unit. All of a sudden, my internal 1 port started sending IP conflicts to the machines in my network. This I found in the affected machines' event viewer. The event viewer is throwing a message stating that this IP is used by a machine with xx xx xx xx xx MAC address. That MAC address belongs to the internal 1 port of the Fortinet firewall.

The following were tried on the affected machine:

1. Removed and reinstalled the LAN drivers twice
2. Changed the ports and cables as well
3. Finally formatted the machine and reinstalled the OS and drivers

Despite working on this for the last 2 days, we were not able to resolve the issue. I have servers in production. Your advice is highly appreciated. Thanks in advance.

    11 replies

    Dave_Hall
    New Member
    December 8, 2012
    How are the machines in your network assigned IP addresses? Through DHCP? Is port1 on the Fortigate configured with a static IP or is it assigned via DHCP as well? If DHCP is involved, it may be easier to just log into the DHCP server, locate the MAC address or IP address entry (in the pool of leased IPs) and delete it. Have the machine renew its IP address. If this is not possible then check the machine's NIC driver for a "soft hardware address" setting that you can change. (Alternately, releasing/renewing the IP address on the machine about 20 times may also work.) If you are seeing multiple conflicting IP addresses on the network then look for a rogue DHCP server or computer running ICS.
    bainwave (Author)
    New Member
    December 9, 2012
    Dave, once again thanks for the suggestion. My environment is running on static IPs and there is no chance for the users to change the IP address. Checked the environment for rogue DHCP servers but nothing was found.
    ede_pfau
    SuperUser
    December 9, 2012
    Is the conflicting IP address the interface address of 'internal1'? It might as well be
    - (one of) the secondary IP address(es) of 'internal1'
    - a VIP
    Which host is the culprit - the FGT or the other host mentioned in the log entry? In other words, is the other host legitimately using the conflicting IP address? For a quick scan of the FGT configuration, back up the config and open it in a text editor. Search for the conflicting IP address.
    bainwave (Author)
    New Member
    January 23, 2013
    Oops, sorry for the delay in replying, as I am not well. I checked the backup file as advised, but there is no reference to a duplicate IP. Need your expert advice. Thanks in advance.
    ede_pfau
    SuperUser
    January 23, 2013
    Still, I suspect that you have configured a VIP on the internal port of the FGT with a misfitting network mask. Could you please post the config for port 'internal'? As the internal address is not critical security-wise.
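
Added example, not part of any reply in this thread: a plain text search of the config backup for the conflicting address, as suggested in the replies above, misses an address that only falls inside a range (a VIP `extip` range or an IP pool). The sketch below walks a backup and reports every `set ip`, `set extip` and `startip`/`endip` entry that covers a given address; the sample config, its names and its addresses are constructed, and the choice of keys to check is an assumption.

```python
import ipaddress

# Constructed sample in FortiOS backup syntax; names and addresses are made up.
SAMPLE_CONFIG = """
config system interface
    edit "internal1"
        set ip 192.168.1.99 255.255.255.0
    next
end
config firewall vip
    edit "web-vip"
        set extip 192.168.1.20-192.168.1.30
    next
end
config firewall ippool
    edit "nat-pool"
        set startip 192.168.1.40
        set endip 192.168.1.45
    next
end
"""

def find_ip_claims(config_text, target):
    """Return (config path, setting) for each address or range covering target."""
    ip = ipaddress.ip_address(target)
    path, hits, start = [], [], None
    lines = (l.replace('"', "").split() for l in config_text.splitlines())
    for words in filter(None, lines):
        if words[0] in ("config", "edit"):
            path.append(" ".join(words))        # entering a block or an entry
        elif words[0] in ("end", "next") and path:
            path.pop()                          # leaving it
        elif words[0] == "set" and len(words) >= 3:
            key, val = words[1], words[2]
            if key == "startip":                # pool range spans two lines
                start = val
                continue
            if key == "endip" and start:
                lo, hi = start, val
            elif key in ("ip", "extip"):        # single address or "a-b" range
                lo, _, hi = val.partition("-")
            else:
                continue
            try:
                if ipaddress.ip_address(lo) <= ip <= ipaddress.ip_address(hi or lo):
                    hits.append((" / ".join(path), " ".join(words[1:])))
            except (ValueError, TypeError):
                pass  # value is not an address, or is a different IP version
    return hits
```

Calling `find_ip_claims(open("backup.conf").read(), "<conflicting IP>")` on a real backup (the file name is a placeholder) lists the config section and setting for each hit.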
    Dave_Hall
    New Member
    January 23, 2013
    Just to summarize the problem: the computers in your network are assigned static IP addresses and more than 1 computer is receiving reports (in event viewer) that there is an IP conflict. The source MAC address of the IP conflict is that of the Fortigate Internal port? Almost sounds as if a firewall policy was configured from internal -> internal with NAT enabled. (If that is even possible.)
    manish
    Visitor III
    June 21, 2022

    This problem still exists. Is this a bug, or how is it?

    bainwave (Author)
    New Member
    January 23, 2013
    Team, thanks for the speedy response. Will check the configuration again. BTW, I enabled the web proxy in the firewall for some users who are at a far location. The IP used for the web proxy is the same internal IP. Is that creating the issue? I just got the thought and am sharing it with you. Will upload the settings in a few hours. Once again, thanks.
    Dave_Hall
    New Member
    January 23, 2013
    "BTW, I enabled webproxy in the firewall for some users which are at a far location. The ip is using for webproxy is the same internal ip. Is that creating issue?"
    What was this set up? How is those users' traffic getting routed to/from the Fortigate?
    bainwave (Author)
    New Member
    January 25, 2013
    I am attaching my network diagram image. Location B users are using the web proxy in the Fortigate and accessing the internet from location A. Waiting for your replies.
    ede_pfau
    SuperUser
    January 25, 2013
    You've got the same subnet on both sides of a routed link, really? How is that going to work?
    bainwave (Author)
    New Member
    January 25, 2013
    10.44.71.1/25 (255.255.255.128) (location B) traffic is routed to 10.44.71.129, which is a port configuration in the location A L3 switch, and the traffic from location will be routed to 10.44.71.1/25 (location B).