Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Cheeseman1969
New Contributor

DHCP not working when we lose our ISP

Just like the title says, we lose DHCP from the fortinet 501E when we lose our ISP. DHCP is setup on the router and nothing else is giving out those IP's on our network. Weird how this is going on. Our AP are ruckus and once it loses the DHCP IP, it can't get back online. If we connect in via wire and manual IP, it all works. 

Currently Windstream has an issue and this is how we found out about it. It happened last time we lost internet but though it was the AP's. But investigating this, we saw that no DHCP leases are going out. 

Thank

6 REPLIES 6
ede_pfau
Esteemed Contributor III

Are you sure the APs are not cloud-managed?

 

FortiOS version? The DHCP server functionality is rock solid IMHO and losing internet access is far from influencing this. You could sniff your outbound traffic to see what's happening.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Cheeseman1969

Yes our AP's are cloud managed BUT if we wire in, our laptops/desktops does not get a DHCP lease either. Nothing does. It is like it just quits. We thought it was an issue with the AP, but now, need to fix this first. 

 

ede_pfau
Esteemed Contributor III

Then the DHCP funtionality is provided by the APs...

Let's look at the traffic:

open a console window and

 

diag debug enable

diag deb app dhcps -1

 

and then connect a client. Repeat with internet off, and post it here.

 

(to stop: diag deb app dhcps 0 and diag deb dis)


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Cheeseman1969

Actually, the DHCP is provided by the Fortinet. The AP's are on a management vlan and the DHCP is not working on this vlan or any vlan. 

I will try those commands and post here but it will be later today as people are on now. 

 

Dave_Hall

Just curious if when the Internet goes out, is the Windstream gateway device still connected?  Have you logged into it to see what the status say about the connection?

 

We have some sites on a sat modem connections (that are on a private 10. or 100. IP address) that if there is any communicate or cabling issues the modem device defaults to handing out 192.168.x.x IPs to any CPE connected to it.  Not by choice that some of our remote managed sites are using the same 192 IP subnet as common retail routers, but what is more of an issue for us is this Sat ISP provider set the default DNS IP to 192.168.0.1. thus forcing the the fgt to disable the LAN interface because it has matching IP (conflict).  (Sadly these sat modem devices are NAT only devices with no way to allow/set bridging.)

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Cheeseman1969

THis last time, no. We had a fiber cable cut right outside our building. So the line was dead. It is up now. So if I want to test that again, have to do it at night now. LOL

 

 

Labels
Top Kudoed Authors