Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
hleb_hnevashau
Explorer

checkpoint 1800 appliance not responding to dhcp request

Hi all!

Quantum Spark 1800 Appliance Version: R81.10 (996000575)

I have interfaces LAN13.20 with VLAN 20 in HA on two appliances. I have enabled dhcp server on this interface:

chp-01> show dhcp server interface LAN13.20
dhcp: on
include-ip-pool: 192.168.20.150-192.168.20.180
exclude-ip-pool:
relay-to:
relay-secondary:
relay-tertiary:
relay-quaternary:
default-gateway: 192.168.20.253
wins-mode: auto
wins-primary:
wins-secondary:
lease-time: 4
dns: manual
dns-primary: 192.168.8.1
dns-secondary: 192.168.16.102
dns-tertiary:
domain:
assign-addresses-for-known-hosts-only:false
ntp-primary:
ntp-secondary:
tftp:
file:
callmgr-primary:
callmgr-secondary:
xwin-display-mgr:
avaya-voip:

But client devices do not receive ip addresses. I didn't turn on "Assign DHCP IP addresses for known hosts only"

tcpdump shows that requests are coming:

[Expert@chp-01]# tcpdump -i LAN13.20 port 68
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on LAN13.20, link-type EN10MB (Ethernet), capture size 262144 bytes
12:05:31.596501 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:50:56:80:4d:26 (oui Unknown), length 300
12:05:34.714835 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:50:56:80:4d:26 (oui Unknown), length 300

 

And when I'm looking this MAC in traffic, tcpdump shows ARP reverse requests:

12:06:34.787494 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:50:56:80:4d:26 (oui Unknown), length 300
12:06:35.321053 ARP, Reverse Request who-is 00:50:56:80:4d:26 (oui Unknown) tell 00:50:56:80:4d:26 (oui Unknown), length 46
12:06:36.320943 ARP, Reverse Request who-is 00:50:56:80:4d:26 (oui Unknown) tell 00:50:56:80:4d:26 (oui Unknown), length 46
12:06:37.321010 ARP, Reverse Request who-is 00:50:56:80:4d:26 (oui Unknown) tell 00:50:56:80:4d:26 (oui Unknown), length 46

 

I would be grateful if someone could help me.

 

 

 

 

 

0 Kudos
10 Replies
hleb_hnevashau
Explorer

In addition.

[Expert@chp-01]# ps aux | grep dhcpd
root 14168 0.0 0.0 6528 3584 pts/0 S+ 12:47 0:00 grep dhcpd

And there is no dhcp.conf on device

0 Kudos
hleb_hnevashau
Explorer

In addition.

[Expert@chp-01]# ./pfrm2.0/bin/dhcpd -d -cf ./etc/dhcpd.conf.LAN13.20
Internet Systems Consortium DHCP Server 4.3.5
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
./etc/dhcpd.conf.LAN13.20 line 11: unexpected end of file
subnet 192.168.20.0 netmask 255.255.255.0 {
^
Configuration file errors encountered -- exiting
exiting.

[Expert@chp-01]# cat /etc/dhcpd.conf.LAN13.20
ddns-update-style none;
Log-facility local7;
option int-local-callmgr code 150 = array of ip-address;
option int-local-avaya-voip code 176 = string;
option int-local-avaya9600-voip code 242 = string;
option int-local-nortel-voip code 128 = string;
option int-local-thomson-voip code 43 = string;
set clop = binary-to-ascii(10,8,",",option dhcp-parameter-request-list);
ping-check true;
authoritative;
subnet 192.168.20.0 netmask 255.255.255.0 {

 

When I manual configure /etc/dhcpd.conf.LAN13.20 its rewrites by own.

0 Kudos
G_W_Albrecht
Legend
Legend

Better contact TAC to get this resolved !

CCSE CCTE CCSM SMB Specialist
0 Kudos
hleb_hnevashau
Explorer

Unfortunately my account is covered with Collaborative Support.

I cannot open an SR directly with Check Point.  And my local Partner  is not responding

0 Kudos
G_W_Albrecht
Legend
Legend

Your CCSP has to help you as you did pay CP support - contacting your local CP SE also could quicken the proceedings !

CCSE CCTE CCSM SMB Specialist
0 Kudos
Chris_Atkinson
Employee Employee
Employee

Is DHCP working on other interfaces/VLANs?

You may also wish to try upgrading to R81.10.05

CCSM R77/R80/ELITE
0 Kudos
hleb_hnevashau
Explorer

DHCP doesn't work on other interfaces either.

WEB console shows that I have the latest version

fwu.jpg

0 Kudos
Chris_Atkinson
Employee Employee
Employee

This isn't the "latest" version but the current recommended one, please refer: sk179615 / sk179797.

 

 

 

CCSM R77/R80/ELITE
0 Kudos
Chris_Atkinson
Employee Employee
Employee

Does the corresponding network object in the UI accidently have "exclude from DHCP" set?

CCSM R77/R80/ELITE
0 Kudos
hleb_hnevashau
Explorer

Thank you for your reply.

I don't see such option for network objects.

chp-01> show network NLB-VLAN-20
name: NLB-VLAN-20
ipv4-address: 192.168.20.0
subnet: 255.255.255.0

This option is provided for single IP addresses, but in my case there are none in this range.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events