Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AhmedSiddig
New Contributor

Created on ‎01-30-2024 09:03 PM

Devices Not Reciving IP Addresses After Firmware update

Hi Everyone,

 

I recently noticed an issue after i updated my Fortigate 100F from v7.4.1 to v7.4.2 Build 2571, so i have 4 Vlans in my network connected to a Unifi UDM Pro, Switches and Access point.

So all The networks are /24 except for the main one which is /23. so after the update i noticed some of the newly connected devices are not receiving IP Addresses on the main one, and if i connect them to any of the other ones they will get an IP address immediately, the total number of connected clients as shown in the fortigate for the main network will be around 160-190 connected device, so i still have some available addresses to lease.

i had the fortiagte up and running for 2 month now without any issues this only happened after the update, DHCP lease was set to default 7 days so i made it 1 day. but i can still see the issue happening.

 

Could you please let me know what could cause this.

 

Thanks and Regards,

Labels:
1431
0 Kudos
13 REPLIES 13
AhmedSiddig
New Contributor
In response to AEK

Created on ‎02-02-2024 06:19 AM

Am using a unify UDM Pro running as a controller for Access points and switches, so all the vlans and configuration are passed from the FortiGate, but like i mentioned before i had this setup up and running for more thank 2 months and this never happened before.

375
0 Kudos
AhmedSiddig
New Contributor
In response to AEK

Created on ‎02-05-2024 11:23 PM

Hi @AEK i checked everything and tried to restart as well, it was ok for a day because all IP Addresses were expired during the weekend but now its the same, and on the controller i can see that some of the devices are receiving APIPA address, i even tried ipconfig /release/renew but still the same.

 

APIPA .png

 

346
0 Kudos
AEK
SuperUser
SuperUser
In response to AhmedSiddig

Created on ‎02-06-2024 12:04 AM

Hello Ahmed

So far you have the following info:

  • On FG you don't receive dhcp requests with MAC address of the affected client
  • You have set the IP to static and you still can't ping the FG IP
  • You receive APIPA address on the affected client

From the above we can deduce that the client is not in the same broadcast domain with FG.

In case your client is on the same switch as FG then you may check if both ports are on the same VLAN.

If not then try check if the trunk between the two switches allows the client VLAN.

You may also check if there is ACL on the switch on any other related L2 issue or restriction.

AEK
AEK
338
AhmedSiddig
New Contributor
In response to AEK

Created on ‎02-06-2024 12:20 AM

Hi @AEK and thank you for your continued support, regarding the DHCP requests i can see some on system event:system events.png

 

for the setup i have the FortiGate connected to UDM Pro connected to 3 Unifi Switches and access points connected to them, so everyone is connected to the Wi-Fi, i have 4 networks, the first which has a lot of users, the second as a lap environment, Guest, and the last one for all the Equipment.

so most of the people will connect but some won't, so as a work around i just connect them to the second network and everything works (but its not ideal since its a different network).

for the switches there's no ACL configured and same as for the UDM Pro (its just configured as a controller).

 

Thanks,

335
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.