Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Georges_Orwell
New Contributor

IPCONFLICT on SSID

Dear all,

 

we just installed fortigate 200D  (FortiOS5.2) as cluster with 10 fortiAP 221AC managed by Fortigate. 2 SSID are brodcasted from fortigate through 10 fortiAP 221 AC. For each SSID there is one subnet (10.33.12.0/24 for WifiGUEST and 10.33.10.0/23 for WIFIPROD), the DHCP is provided by FORTIGATE.

The first SSID WIFIGUEST work like charm, but is very restricted. The second SSID WIFIPROD is WPA2 ENTERPRISE with radius on Windows Server 2008 R2 SP1. On this SSID some clients that tried to connect to it get IPCONFLICT ADDRESS even though their wlan adapter are DHCP configured. On each client issues I noticed that windows event log return the MAC ADDRESS of the supposed faulty device.

Everytime the MAC ADDRESS begin by 1A:5B:0E but this MAC Id seems to be an unknown vendor. Therefore I can't identify said device (Windows,IOS,Android, Tablet, Phone, PC ????)

It's very trouble us because we can't use our FortiAP to connect to Wifi.

So in my WIFI monitor there is no trace log whith MAC ADDRESS logged on windows log.

6 REPLIES 6
emnoc
Esteemed Contributor III

Here's what you can do;

 

 

  port_scan the conflicting device

  change the network range

  exclude the  conflicting device if the address stays the same

  deploy tighter  ping checks in the  DHCP server for address conflict advoidance

 

Ken

 

 

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Christopher_McMullan

It may also be related to a known issue.

 

Try this workaround, and if it resolves the issue, open a ticket with TAC, PM me the ticket number, and I'll note it with a bug ID that we can use to track the fix:

config wireless-controller vap

edit ? //--find out the Virtual AP names defined on your unit, and choose the one associated with the affected APs/devices

unset broadcast-suppression

end

 

Regards, Chris McMullan Fortinet Ottawa

hb9wad
New Contributor

Hi Christopher, hi George

 

We have the same issue here with our FortiGate 300C Active/Passive Cluster (FW 5.2.3) with >60 FAP221B (FW v5.0-build075) and 6 different SSIDs. Only on 1 SSID shows this problem but we can reproduce the IP conflict immediately with several clients.

Wireshark shows us the following line:    Duplicate IP address detected for 172.16.104.40 (1a:5b:0e:65:e8:d6) - also in use by 1a:5b:0e:10:39:23

 

As far as I can see on IANA Website, the vendor code 1a:5b:0e is not assigned to any vendor.

Is this a special MAC addres (maybe Multicast) ?

 

I have a support case open with the distributor in Switzerland. I sent them the link to this thread.

Thank you very much for any support.

 

Regards,

Konrad

 

Christopher_McMullan

I'm not sure what that MAC would be for.

Regards, Chris McMullan Fortinet Ottawa

emnoc
Esteemed Contributor III

Could it be a virtual  nic adapter of some sort?  or some other VIP like device ?

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
cc1
New Contributor

@ Christopher :

 

I have the same issue and your workaround is working fine.

I have openned a ticket and if you want the number, you can send me an email.

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors