Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Autumn 2024 badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDLP
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGuard
- FortiGate Cloud
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: Wifi often not receiving IP address
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Wifi often not receiving IP address
Hi guys
I need some help. I recently upgraded. I recently upgraded my Fortigate 100F to the 7.2.4 version. At the same time I also upgraded my FP431F to the latest version (7.2)
I currently run a setup with two different wifi networks both in tunnel mode. We have a guest network that is running fine without any issues, but there is also a corporate network that is having some weird issues. Sometimes when you try to connect you do not receive an ip address at all and sometimes you do, but after a few minutes it is gone again. I checked the dhcp scope and there should be plenty of IP addresses left.
My thinking is that it has something to do with the ipsec tunnel the corporate network has access to. That's about the only difference between the two. Is there someone who can assist ?
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
11 REPLIES 11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Generally you should check if DHCP functions correctly (meaning that the DHCP exchange of messages is done, and ACK received from client). This will also show you where/if the packet is lost.
Start with a packet capture:
diag sniffer packet interface_name/any "port 67 or port 68" 6 0 l
then, if still inconclusive, look into what FortiGate does.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Diagnosing-DHCP-on-a-FortiGate/ta-p/192960 (you are looking at the server daemon)
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @AlexC-FTNT
I thought it was solved, since it worked stable for about two days. Yesterday however we had an internet outage and this morning the problem started appearing again. Could this be related ?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't see any relation between them. Unless the DHCP server is not Fortigate, but a remote server over VPN. In which case the internet outage will also prevent local machines to get IPs.
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a dhcp situation too, next time you don't get an ip address try executing clear dhcp lease all, then try to connect again to the wifi, i found that clears my connection error but yet to find what causes it...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you provide more info? What is acting as the DHCP server? Is it the FortiGate? Is it a different device? Is it located on the other end of the IPSec tunnel? Please provide all releveant details so we can assist properly.
Cheers,
Graham
Graham
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'll eleborate a bit more. We have an office site with a fortigate 100F with 8 FortiAP FP431F. We currently use an HP switch (don't exactly know the model). The switch is configured as a hub (I know this is bad) because we're waiting on delivery of new switches and we don't have an HP console cable.
I use two wifi networks which both are in tunnel mode (because of no configurable switches) because of this I'm still able to seperate traffic between the wifi networks.
The guest network which goes straight to the internet has no problem at all.
The private network which has access to an IPsec tunnel to a datacenter often loose its dhcp lease and gets the message "no internet, secured"
Both networks use the fortigate as DHCP server. The only difference I see is the DNS server that is configured in the private network. This one is located on the other side of the IP sec tunnel. However with LAN this server is perfectly pingable while the wifi has issues
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK still need more details:
- How is your switch configured as a "hub"? I think you mean to say something else? Do you just mean every switch port is in the same VLAN?
- Have you absolutely confirmed that the device is losing DHCP and not just internet connectivity? How are you confirming this? "no internet, secured" could mean that it has DHCP lease but can't reach internet—perhaps due to DNS issue or something else.
- Is this affecting only one type of device or multiple?
Cheers,
Graham
Graham
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Graham
Thanks for the response.
1. I assume every port is indeed on the same VLAN, but unfortunately I can't check.
2. I did confirm it is the DHCP server, because if I run an ipconfig I get a 169 address.
3. It is affecting multiple devices on multiple access points, however not all devices at once.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK next up we should grab some packet captures. Can you please run a packet capture on a problematic device and attach here?
At the same time please run the following commands during problematic device lease acquisition and attach the output:
diagnose debug application dhcps -1
Cheers,
Graham
Graham
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- Please, please, add metavariable support to... 38 Views
- DNS Server in the Interface set... 53 Views
- 100D API support 46 Views
- FortiGate Firewall Can Sending Logs to... 81 Views
- FortiClient VPN IPSEC gives an error... 382 Views
Labels
-
FortiGate
8,341 -
FortiClient
1,686 -
5.2
801 -
FortiManager
703 -
5.4
639 -
FortiAnalyzer
532 -
FortiSwitch
452 -
FortiAP
446 -
6.0
416 -
FortiClient EMS
392 -
5.6
362 -
FortiMail
307 -
6.2
251 -
FortiAuthenticator v5.5
234 -
SSL-VPN
205 -
5.0
196 -
FortiWeb
194 -
IPsec
174 -
FortiNAC
171 -
FortiGuard
132 -
6.4
128 -
SD-WAN
102 -
FortiGateCloud
100 -
FortiSIEM
97 -
FortiCloud Products
95 -
FortiToken
88 -
FortiAuthenticator
80 -
Customer Service
76 -
Wireless Controller
76 -
Firewall policy
67 -
4.0MR3
64 -
FortiProxy
56 -
FortiADC
51 -
Fortivoice
50 -
FortiEDR
50 -
High Availability
48 -
vlan
47 -
ZTNA
45 -
FortiSandbox
43 -
FortiExtender
43 -
FortiDNS
42 -
Routing
39 -
DNS
38 -
BGP
37 -
LDAP
37 -
FortiGate v5.4
35 -
FortiSwitch v6.4
34 -
SAML
32 -
Certificate
32 -
Interface
31 -
NAT
30 -
Authentication
29 -
SSO
29 -
FortiConnect
28 -
RADIUS
27 -
FortiLink
26 -
FortiWAN
25 -
FortiConverter
25 -
FortiGate v5.2
24 -
VDOM
24 -
Web profile
23 -
Application control
22 -
Virtual IP
22 -
Logging
21 -
Fortigate Cloud
19 -
FortiSwitch v6.2
18 -
FortiPortal
18 -
FortiMonitor
18 -
FortiPAM
18 -
SSL SSH inspection
18 -
Traffic shaping
17 -
FortiDDoS
15 -
FortiGate v5.0
14 -
OSPF
14 -
IP address management - IPAM
14 -
SSID
13 -
Static route
13 -
WAN optimization
13 -
FortiCASB
12 -
SNMP
12 -
Automation
12 -
Admin
12 -
System settings
12 -
Web application firewall profile
12 -
FortiManager v5.0
11 -
FortiSOAR
11 -
FortiManager v4.0
10 -
FortiRecorder
10 -
IPS signature
10 -
4.0MR2
9 -
FortiGate v4.0 MR3
9 -
FortiWeb v5.0
9 -
FortiAP profile
9 -
Proxy policy
9 -
FortiBridge
8 -
RMA Information and Announcements
8 -
Security profile
8 -
Port policy
8 -
4.0
7 -
FortiDeceptor
7 -
FortiAnalyzer v5.0
7 -
Traffic shaping policy
7 -
Fabric connector
7 -
Intrusion prevention
7 -
FortiCache
6 -
DNS filter
6 -
trunk
6 -
Packet capture
6 -
Antivirus profile
6 -
FortiCarrier
5 -
FortiToken Cloud
5 -
FortiTester
5 -
Users
5 -
Traffic shaping profile
5 -
Web rating
5 -
Fortinet Engage Partner Program
5 -
3.6
4 -
FortiScan
4 -
Explicit proxy
4 -
FortiDirector
4 -
Internet service database
4 -
Application signature
4 -
DLP sensor
4 -
Email filter profile
4 -
Netflow
4 -
Replacement messages
4 -
FortiDB
3 -
FortiHypervisor
3 -
API
3 -
FortiNDR
3 -
NAC policy
3 -
DLP Dictionary
3 -
DLP profile
3 -
DoS policy
3 -
VoIP profile
3 -
Multicast routing
3 -
FortiInsight
2 -
FortiAI
2 -
Kerberos
2 -
Authentication rule and scheme
2 -
Protocol option
2 -
Schedule
2 -
SDN connector
2 -
Service
2 -
Zone
2 -
Cloud Management Security
2 -
4.0MR1
1 -
FortiManager-VM
1 -
FortiCWP
1 -
Subscription Renewal Policy
1 -
Video Filter
1 -
TACACS
1 -
Multicast policy
1 -
Vulnerability Management
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1632 | |
| 1063 | |
| 749 | |
| 443 | |
| 210 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.