Declan_O_Connell
New Contributor

DHCP lease removed due to conflict

Hi, 60c v4.0,build0521,120313 (MR3 Patch 6) is acting up this morning. Any new devices that connect are being issued an IP address. For any devices that have connected before and whose lease time is still active, the DHCP monitor now shows the lease with status "Removed due to conflict" when they connect. I also just noticed multiple entries in DHCP for the same MAC address of devices trying to connect. Anyone have any ideas? Thanks in advance. Declan
g3rman
New Contributor

This usually happens when there is a rogue DHCP server on the network that assigns IP addresses from the same range.
A Real World Fortinet Guide Configuration Examples & Frequently Asked Questions http://firewallguru.blogspot.com
emnoc
Esteemed Contributor III

Agreed. If you have a switch that supports dhcp-snooping, I would deploy it and set all ports as untrusted except the one that connects to the FortiGate. You can track the rogue dhcp-server by issuing ipconfig /all (Windows) or ipconfig getpacket (macOS), looking at the dhcp-server ip_address, and trying to locate it via the layer2 address.

Good luck, and I also wish that FortiGate would provide this simple layer2 security feature of dhcp-snooping on internal switch models of the FortiGate. But with the limited number of ports, it's quite easy to find a directly attached rogue dhcp-server.

PCNSE 

NSE 

StrongSwan  
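The check suggested in the reply above, as an added example that is not part of the thread: it reads the DHCP server address from `ipconfig /all` output and looks up that address's layer-2 address in the client's ARP cache. The use of `arp -a`, the sample outputs, and the trusted address 192.168.1.99 (standing in for the FortiGate interface) are assumptions made for illustration.

```python
import re

# Constructed, abbreviated sample of `ipconfig /all` output (not from the thread).
IPCONFIG = """\
Ethernet adapter Ethernet:

   Physical Address. . . . . . . . . : 02-00-00-00-00-10
   DHCP Enabled. . . . . . . . . . . : Yes
   DHCP Server . . . . . . . . . . . : 192.168.1.254

Wireless LAN adapter Wi-Fi:

   DHCP Enabled. . . . . . . . . . . : Yes
   DHCP Server . . . . . . . . . . . : 192.168.1.99
"""

# Constructed sample of `arp -a` output from the same client (assumed command).
ARP = """\
Interface: 192.168.1.110 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.99          02-00-00-00-00-01     dynamic
  192.168.1.254         02-00-00-00-00-fe     dynamic
"""

def dhcp_servers(ipconfig_text):
    """Map adapter name -> DHCP server IP reported by `ipconfig /all`."""
    servers, adapter = {}, None
    for line in ipconfig_text.splitlines():
        # Adapter headings start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter = line.rstrip()[:-1]
        m = re.match(r"\s+DHCP Server[ .]*: (\S+)", line)
        if m and adapter:
            servers[adapter] = m.group(1)
    return servers

def arp_table(arp_text):
    """Map IP -> MAC from `arp -a` output."""
    pat = r"^\s+(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s"
    return dict(re.findall(pat, arp_text, re.I | re.M))

def find_rogues(ipconfig_text, arp_text, trusted):
    """Return [(adapter, server_ip, mac or None)] for leases not from `trusted`."""
    macs = arp_table(arp_text)
    return [(a, ip, macs.get(ip)) for a, ip in dhcp_servers(ipconfig_text).items()
            if ip not in trusted]

if __name__ == "__main__":
    for adapter, ip, mac in find_rogues(IPCONFIG, ARP, {"192.168.1.99"}):
        print(f"{adapter}: untrusted DHCP server {ip}, MAC {mac or 'not in ARP cache'}")
```

The MAC it reports is what you would search for in the switch's MAC address table to find the port the unexpected server is attached to.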
