Hi Everyone,
I recently noticed an issue after I updated my FortiGate 100F from v7.4.1 to v7.4.2 Build 2571. I have 4 VLANs in my network connected to a Unifi UDM Pro, switches and access points.
All the networks are /24 except for the main one, which is /23. After the update I noticed some of the newly connected devices are not receiving IP addresses on the main one, and if I connect them to any of the other ones they get an IP address immediately. The total number of connected clients as shown in the FortiGate for the main network is around 160-190 connected devices, so I still have some available addresses to lease.
I had the FortiGate up and running for 2 months without any issues; this only happened after the update. The DHCP lease was set to the default 7 days, so I made it 1 day, but I can still see the issue happening.
Could you please let me know what could cause this.
Thanks and Regards,
Hello
Check DHCP pool in the affected interface configuration. If it is too short then it may happen.
Hi @AEK I still have available addresses to lease :(
Hi Ahmed
Try following this guide to debug the DHCP server. Go to the second section, "FortiGate as DHCP server".
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Diagnosing-DHCP-on-a-FortiGate/ta-p/192960
Hello Ahmed,
You can run the packet sniffer in the FortiGate GUI with a filter on port 67 and port 68, then save the result as a pcap.
After that, open it in Wireshark and verify whether you can see the PC's MAC address sending a DHCP Discover to the FortiGate or not.
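The check described in the reply above can also be scripted. The following is an added example, not part of the original posts or of Fortinet's tooling: it reads a saved capture and lists which client MACs sent which DHCP message types. It assumes a classic (non-pcapng) pcap with Ethernet framing; `sample_pcap` and the MAC addresses used with it are constructed test data.

```python
import struct

MSG = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def dhcp_type(bootp):
    """Return the DHCP message type (option 53) name, or None if not DHCP."""
    if len(bootp) < 240 or bootp[236:240] != b"\x63\x82\x53\x63":
        return None                            # too short or no magic cookie
    i = 240
    while i + 2 < len(bootp) and bootp[i] != 255:
        if bootp[i] == 53:
            return MSG.get(bootp[i + 2], "OTHER")
        i += 1 if bootp[i] == 0 else 2 + bootp[i + 1]   # pad has no length byte
    return None

def dhcp_by_mac(pcap):
    """Map client MAC (BOOTP chaddr) -> DHCP message types in capture order."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic pcap file")
    seen, pos = {}, 24                         # skip the 24-byte global header
    while pos + 16 <= len(pcap):
        incl = struct.unpack(order + "I", pcap[pos + 8:pos + 12])[0]
        frame, pos = pcap[pos + 16:pos + 16 + incl], pos + 16 + incl
        off = 12
        while frame[off:off + 2] == b"\x81\x00":   # skip 802.1Q VLAN tag(s)
            off += 4
        ip = frame[off + 2:]
        if frame[off:off + 2] != b"\x08\x00" or len(ip) < 20 or ip[9] != 17:
            continue                           # not IPv4/UDP
        udp = ip[(ip[0] & 0x0F) * 4:]
        if len(udp) < 8 or not {67, 68} & set(struct.unpack("!HH", udp[:4])):
            continue                           # not the DHCP ports
        if kind := dhcp_type(udp[8:]):
            seen.setdefault(udp[36:42].hex(":"), []).append(kind)
    return seen

def sample_pcap(clients):
    """Constructed capture: one client frame per (mac, msg_type, vlan) tuple."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for mac, kind, vlan in clients:
        bootp = (b"\x01\x01\x06\x00" + bytes(24) + mac + bytes(202)
                 + b"\x63\x82\x53\x63" + bytes([53, 1, kind, 255]))
        udp = struct.pack("!HHHH", 68, 67, 8 + len(bootp), 0) + bootp
        ip = struct.pack("!BBHIBBH4s4s", 0x45, 0, 20 + len(udp), 0, 64, 17, 0,
                         bytes(4), b"\xff" * 4) + udp
        tag = b"\x81\x00" + struct.pack("!H", vlan) if vlan else b""
        f = b"\xff" * 6 + mac + tag + b"\x08\x00" + ip
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

On a real capture, call `dhcp_by_mac(open(path, "rb").read())` and look for the affected device's MAC among the keys.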
Created on 01-31-2024 02:09 AM Edited on 01-31-2024 02:09 AM
Hi @ssteo I did a packet capture but I don't think I can see my laptop's MAC address there.
What could be the cause of this?
Hi
If you don't see your MAC then you might be in another VLAN.
To confirm this, try to fix your IP (static) in the same subnet and ping the FG IP of the affected interface.
Hi @AhmedSiddig,
Did you run the DHCP debugs suggested by AEK? If you don't see your laptop's MAC address in the debug, that means the FortiGate didn't receive DHCP requests.
Regards,
Hi Ahmed
Then you need to check your L2 first: switch(es), VLANs, trunks and so on.