Hi,
One of my Windows virtual servers suddenly lost network connectivity and started showing "Duplicate after its ipv4 address". When I checked the ARP, it was showing the Fortigate LAN Interface Mac address. The Server IP Address is not added to any of the Fortigate Interfaces.
Any Suggestions?
Thanks.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
Ideally, When an IP address is assigned to a network interface, the operating system first checks for IP conflicts by sending an ARP probe, which is essentially an ARP request. If no conflicting responses are received, it assigns the IP address to the NIC and then announces it to the network using Gratuitous ARP (GARP).
If you find the FortiGate LAN interface's MAC address associated with the IP address in the server's ARP table, it means the FortiGate has responded to the ARP probe sent by the server during IP assignment. This suggests that the firewall owns the server's IP address and is responding to ARP requests.
I would recommend checking if the server's IP address is used in the firewall's configuration, particularly in settings like IP pools, proxy ARP, VIP (Virtual IP), etc. You can use the following command to verify this:
# sh | grep <server IP address>
If they are used in the config, then you could either remove the settings from the firewall or disable arp-reply under the settings (only if used on IP-Pool or VIP).
You could refer to the article in the below link to perform the same,
https://community.fortinet.com/t5/FortiGate/Technical-Tip-ARP-reply-setting-in-Virtual-IP-IP-Pool/ta...
Cheers,
How is the FortiGate and the server obtained it's IP address? Did you somehow configured the respective with DHCP server?
Hi,
Ideally, When an IP address is assigned to a network interface, the operating system first checks for IP conflicts by sending an ARP probe, which is essentially an ARP request. If no conflicting responses are received, it assigns the IP address to the NIC and then announces it to the network using Gratuitous ARP (GARP).
If you find the FortiGate LAN interface's MAC address associated with the IP address in the server's ARP table, it means the FortiGate has responded to the ARP probe sent by the server during IP assignment. This suggests that the firewall owns the server's IP address and is responding to ARP requests.
I would recommend checking if the server's IP address is used in the firewall's configuration, particularly in settings like IP pools, proxy ARP, VIP (Virtual IP), etc. You can use the following command to verify this:
# sh | grep <server IP address>
If they are used in the config, then you could either remove the settings from the firewall or disable arp-reply under the settings (only if used on IP-Pool or VIP).
You could refer to the article in the below link to perform the same,
https://community.fortinet.com/t5/FortiGate/Technical-Tip-ARP-reply-setting-in-Virtual-IP-IP-Pool/ta...
Cheers,
Yes, the Server IP Address is used under IP Pools for natting purposes, and after disabling ARP-Reply, it started working. The above command showed this:
set subnet 192.168.1.29 255.255.255.255
edit "192.168.1.29"
set startip 192.168.1.29
set endip 192.168.1.29
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.