vlan 2 cannot got the DHCP from zyxel firewall

Options
simonwong
simonwong Posts: 18 image  Freshman Member
First Comment First Anniversary
in Wireless

I have 3 firewall usgflex100 which are installed different office, and connecting to some NWA50AX access point.

We have 3 vlan and they are running smoothly before April .

One of the vlan vlan2 cannot get the IP address from the router since April may be…vlan 1 and 3 have no issue. I need reboot all the access point every Monday by manually when I back to office at 9am that can be solved. I tried to set the reboot by schedule on Monday at 6 but cannot be solved.

Access point firmware: V7.10(ABYW.4)

Firewall firmware: 5.42(ABUH.1)

Anyone has this issue? Please help, thanks!

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,705 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @simonwong

    I would like to know your topology first, since if there has a switch between the firewall and AP, the switch needs to set the VLAN setting correctly.

    If the VLAN setting is correct, or the AP connects to the firewall directly, please help to capture the DHCP packet on the firewall for VLAN 2 interface.

    Capture packet:

    image.png

    Packet file can be found in:

    image.png
    Zyxel Melen


  • Zyxel_Melen
    Zyxel_Melen Posts: 4,705 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Also, please check the VLAN2 DHCP pool size settings and the firewall DHCP log. If the DHCP pool is full, which means the IP addresses are all provided, the new clients can't get IP from the firewall. You will need to adjust the lease time and/or DHCP pool size to resolve this issue.

    Zyxel Melen


  • simonwong
    simonwong Posts: 18 image  Freshman Member
    First Comment First Anniversary
    vlan21--packet-capture (1).txt

    The DHCP pool is not full for each office. Pool size is 80 and we have not more than 30 devices need to connect.

    Least time is 1 day.

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,705 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @simonwong

    Thanks for your feedback, but I'm a little confuse now. You mentioned it was VLAN 2, but the packet capture is VLAN 21. Was the VLAN 2 a substitute or?

    Also, the attachment only shows the packet counter, but not the packet. Please check/share the .cap file instead.

    Zyxel Melen


  • simonwong
    simonwong Posts: 18 image  Freshman Member
    First Comment First Anniversary

    Sorry make you confused. For example for this office, i have vlan 1, vlan 11

    vlan11--packet-capture.00000.zip

    and vlan 21

    Only vlan 11 has problem.

    vlan11--packet-capture.txt
  • Zyxel_Melen
    Zyxel_Melen Posts: 4,705 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @simonwong

    Thanks for the packet. Could you help to share what device are the clients?

    From the packet, I can see the firewall send DHCP offer and DHCP ack to the device. Please help to follow the FAQ below to capture the DHCP packet through the AP. Thanks!

    How to Remote Capture Wireless Packets through an Access Point? — Zyxel Community

    Zyxel Melen


  • simonwong
    simonwong Posts: 18 image  Freshman Member
    First Comment First Anniversary

    i did not put our access point devices for management.

    image.png

Categories

Wireless Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)