Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AhmedSiddig
New Contributor

Created on ‎01-30-2024 09:03 PM

Devices Not Reciving IP Addresses After Firmware update

Hi Everyone,

 

I recently noticed an issue after i updated my Fortigate 100F from v7.4.1 to v7.4.2 Build 2571, so i have 4 Vlans in my network connected to a Unifi UDM Pro, Switches and Access point.

So all The networks are /24 except for the main one which is /23. so after the update i noticed some of the newly connected devices are not receiving IP Addresses on the main one, and if i connect them to any of the other ones they will get an IP address immediately, the total number of connected clients as shown in the fortigate for the main network will be around 160-190 connected device, so i still have some available addresses to lease.

i had the fortiagte up and running for 2 month now without any issues this only happened after the update, DHCP lease was set to default 7 days so i made it 1 day. but i can still see the issue happening.

 

Could you please let me know what could cause this.

 

Thanks and Regards,

Labels:
1091
0 Kudos
13 REPLIES 13
AEK
SuperUser
SuperUser

Created on ‎01-30-2024 09:56 PM

Hello

Check DHCP pool in the affected interface configuration. If it is too short then it may happen.

AEK
AEK
793
AhmedSiddig
New Contributor
In response to AEK

Created on ‎01-30-2024 10:13 PM

Hi @AEK i still have available addresses to lease :(  

Screenshot 2024-01-31 101042.png

785
0 Kudos
AEK
SuperUser
SuperUser
In response to AhmedSiddig

Created on ‎01-30-2024 11:21 PM

Hi Ahmed

Tey follow this guide to debug the DHCP server. Go to the second section "FortiGate as DHCP server".

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Diagnosing-DHCP-on-a-FortiGate/ta-p/192960

AEK
AEK
763
ssteo
Staff
Staff

Created on ‎01-31-2024 12:43 AM

Hello Ahmed,

 

You can run packet sniffer on Fortigate GUI by filter port 67 and port 68 then save as pcap.

After that open using wireshark and verify whether you got see the PC mac address got sending dhcp discover to Fortigate or not.

752
AhmedSiddig
New Contributor
In response to ssteo

Created on ‎01-31-2024 02:09 AM Edited on ‎01-31-2024 02:09 AM

Hi @ssteo I did a packet capture but i don't think i can see my laptop's mac address there.

what could be the cause of this?

745
0 Kudos
AEK
SuperUser
SuperUser
In response to AhmedSiddig

Created on ‎01-31-2024 03:25 AM

Hi

If you don't see your MAC then you might be in another VLAN.

To confirm this, try fix your IP (static) in the same subnet and ping FG IP of the affected interface.

AEK
AEK
723
hbac
Staff
Staff
In response to AhmedSiddig

Created on ‎01-31-2024 06:52 AM

Hi @AhmedSiddig,

 

Did you run DHCP debugs suggested by AEK? If you don't see your laptop's mac address in the debug, that means FortiGate didn't receive DHCP requests. 

 

Regards, 

707
AhmedSiddig
New Contributor
In response to hbac

Created on ‎02-01-2024 12:47 AM

Hi @AEK @hbac i tried giving it an address and ping the FortiGate but am getting request time out..

684
0 Kudos
AEK
SuperUser
SuperUser
In response to AhmedSiddig

Created on ‎02-01-2024 03:15 AM

Hi Ahmed

Then you need to check your L2 first. Switch(es), VLAN, trunks and so.

AEK
AEK
678
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.