I have a bit of an odd problem and a rather complex, odd network; however, I'm going to make it as simple as possible just in case this is an easy fix.

I have two IP Ranges in our network

192.168.0.0 for servers (statically assigned)

10.0.0.0 for client PCs (statically assigned)

I have set up a DHCP server and a small test range of free 10.0.0.0 addresses (it's about 8 in total) on our domain controller that is on IP 10.0.0.4. I am plugging a thin client into the network and it happily gets a DHCP address from the pool and everyone is happy.

However, I have now removed that small test range from the DHCP server and replaced it with a 172.20.10.0/24 range, but now the thin client is no longer able to get an IP address.

Am I correct in thinking that because the firewall is only interested in traffic from the 10 & 192 address ranges (these are the only ones configured on its interfaces), it's doing something to stop the thin client from getting an address, or blocking/dropping the traffic?

I'm really not that clued up with the Cisco equipment or how it works. I'm being promised training in the next few weeks / months but nothing has materialised yet, so I'm hoping until then someone here can help me out.

P.S. Please do not request a copy of the firewall's config, as for security I'm not able to provide it.

Kris

Kristiaan
  • The firewall shouldn't be involved in broadcast traffic, but it would help if you clarified how the thin client is connected to the DHCP server. Where's this 172.20.10.0/24 range supposed to be - is it on the same broadcast domain as the existing network? Or do you have a DHCP relay on a network device sending the requests over to the domain controller? – Shane Madden Jan 18 '12 at 18:12
  • What do you see in `show ip dhcp bindings`? – Tim Jan 18 '12 at 18:14
  • @Shane Madden All the equipment is plugged into a 3Com switch. The domain controller is running MS DHCP server, which is plugged into the switch; the servers are plugged into the switch, and the two interfaces on the firewall are plugged into the switch. I'm not really sure what you mean by broadcast domain. – Kristiaan Jan 18 '12 at 18:20
  • @Tim When I try that command I get: Result of the command: "show ip dhcp bindings" show ip dhcp bindings ^ ERROR: % Invalid input detected at '^' marker. The marker is at the start of the d on dhcp. – Kristiaan Jan 18 '12 at 18:22
  • Does the server that DHCPd is running on have a NIC with an IP from the 172.20.10.0/24 range? DHCPd will only assign IPs through a matching network (except dhcp proxies, but that's not the case here). – Chris S Jan 18 '12 at 18:27
  • @Chris S Hi Chris, I was not aware of this. I will add an IP address to the domain controller from the 172 range now and see if that cures the problem. Just tried adding an address from the 172 range onto the domain controller's network card alongside the 10.0.0.4 address it has, but the thin client still won't pick up an address. – Kristiaan Jan 18 '12 at 18:33
  • Did you restart DHCPd after adding the IP? – Chris S Jan 18 '12 at 20:09
  • @Chris S Yes, restarted the DHCP service after adding the IP. I wasn't sure if I had to or not, so I figured it won't hurt to be on the safe side. – Kristiaan Jan 19 '12 at 09:00

1 Answer

OK, so I managed to resolve this problem. It appears that the MS DHCP client does not like you adding second IP addresses to the same card in order to try and get it to work across the one interface; you need to have a totally separate network card installed and configured for the range in question (you also need to leave the gateway address blank on the second card, otherwise that generates issues as well).

But it's all working now. Thanks to everyone who commented, I've learnt a lot.

kris

Kristiaan
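The scope-matching rule Chris S describes in the comments, and the outcome reported in the answer, modelled as an added example that is not part of the original thread. It assumes a /24 mask for the 10.0.0.0 range, constructed 172.20.10.x host and relay addresses, and that only the first address bound to a NIC is used for matching (the `primary_only` flag, an assumption chosen to match what the poster observed).

```python
import ipaddress

def select_scope(scopes, giaddr, iface_addrs, primary_only=True):
    """Return the scope a DHCPDISCOVER would be answered from, or None.

    scopes       : CIDR strings configured on the DHCP server
    giaddr       : relay agent address in the packet ("0.0.0.0" = not relayed)
    iface_addrs  : addresses bound to the receiving NIC, primary first
    primary_only : assumption: only the NIC's first address is matched
    """
    nets = [ipaddress.ip_network(s) for s in scopes]
    gi = ipaddress.ip_address(giaddr)
    if not gi.is_unspecified:
        keys = [gi]                      # relayed: subnet comes from giaddr
    else:
        addrs = [ipaddress.ip_address(a) for a in iface_addrs]
        keys = addrs[:1] if primary_only else addrs
    for key in keys:
        for net in nets:
            if key in net:
                return net
    return None                          # no matching scope: no offer sent

def thread_scenarios():
    """Replay the steps from the thread (172.20.10.x hosts are constructed)."""
    old, new = ["10.0.0.0/24"], ["172.20.10.0/24"]
    return {
        "test range on 10.x":    select_scope(old, "0.0.0.0", ["10.0.0.4"]),
        "scope swapped to 172":  select_scope(new, "0.0.0.0", ["10.0.0.4"]),
        "secondary IP on NIC":   select_scope(new, "0.0.0.0",
                                              ["10.0.0.4", "172.20.10.4"]),
        "separate NIC in 172":   select_scope(new, "0.0.0.0", ["172.20.10.4"]),
        "relayed via giaddr":    select_scope(new, "172.20.10.1", ["10.0.0.4"]),
    }

if __name__ == "__main__":
    for step, scope in thread_scenarios().items():
        print(f"{step:22} -> {scope or 'no offer'}")
```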