Questions

Wrong WLAN IP

+
0 Votes
Locked

Wrong WLAN IP

AruJammer
In our netword we have two accespoint, one is for our visitors (AP6) with ip-range 192.168.6.xxx and the other one (AP2) for own network 192.168.2.xxx.

Got this problem with one user, running XP Pro SP3, when he connects with AP2 he gets an 192.168.6.xxx ip instead of a 192.168.2.xxx.

Network is as follow configured:
192.168.6.xxx receive ip from router (DHCP)
192.168.2.xxx receive ip from a windows 2003 DHCP server.

What could be the problem?
  • +
    0 Votes
    Wizard-09

    But have you configured the wireless box to use this IP range?

    +
    0 Votes

    Yep

    AruJammer

    Everything works gr8, only with this user have this problem.

    I also tried ipconfig /release and then /renew. Disabling and Enable WLAN connections.
    He connects on AP2 but he gets ip 192.168.6.xxx from AP6.

    And one strange thing, if i add a static ip with 192.168.2.xxx , he can acces our network

    +
    0 Votes
    mafergus

    This is a long shot, but is the DHCP scope on AP2 full? Can you disable the DHCP passthru on that ap? maybe you have already looked, but I would;

    1. Check both APS to see if the IP shows up in the DHCP lease table.

    2. Check AP2 and see if there is an additional scope in the AP6 range

    3. Physically shut down the APS individually then together to see if the client still connects. (just wondering if there are APs 3-5)

    4. Clear the entries for the wan and lan connections on the client and make sure there are no static entries in the IP settings for any connection including the alternate connections.

    Hope this helps.

    +
    0 Votes
    mafergus

    How are you verifying which access point it is connecting to? and is there any rule or setting to limit access to either the internal or external user access points?

    +
    0 Votes
    AruJammer

    evevery AP have a different SSID with different key.

    There's no rule, if you mean like mac-rules.
    They are just simple AP, one is a router which releases ip 192.168.6.xxx and the other one is a AP, which is connected to our network.

    +
    0 Votes
    Wizard-09

    How are you going about this, you would need another line to host the wireless which will not be internal to your network, I don't think an extra subnet is any good for you?

    +
    0 Votes
    AruJammer

    I got some more info, maybe wil confuse you more. But i will answer all you "silly" question if needed.

    We have two internet connection from different providers. Both connections are managed by a Sonicwall 2040 Pro.

    There's an acces rule in the firewall wich 192.168.6.xxx can't access 192.168.2.xxx in neither way.

    BUT there's only one configuration based on IP that permits some user's to access AP6 router to use it as a gateway to the internet.

    +
    0 Votes
    Wizard-09

    To be sure I would again check the wireless configuration for that box, you may have misconfigured it easy done, if configuration is correct install something called wireshark on the machine and look at how it's communication with network this will hope you resolve problem.

    +
    0 Votes
    AruJammer

    I'll try your suggestions.

    But this is still strange for me, since this only happens with one PC, we have different PC's and other mobile devices (iPhone,Android,WM) and no one has this problem.

    The user connects on AP2 and he gets ip from AP6.

    But anyways i'll try anything

    +
    0 Votes
    Wizard-09

    Onto it then, maybe also add that mac to the blocked list in mac filtering if your worried this user will gain access to the network, also test with another laptop in case your network is open to attacks because of this problem just a thought :-)

    +
    0 Votes
    CG IT

    There's no way for a client connecting to an access point on one subnet to obtain an address from a DHCP server on a different subnet unless the DHCP server has a relay agent running. You don't mention this in your posts.

    +
    0 Votes
    mafergus

    The wireless access point is allowing dhcp pas through (relay) and for some reason it's DHCP scope is full?

    Touching on an earlier point, assuming it isn't an issue with the client( I know, bug assumption) isn't there a larger issue concerning one's ability to enumerate resources on the network? Unless that segment is limited, it seems like there is a huge hole there.

    +
    0 Votes
    CG IT

    this is different subnets [addressing] so an access point on one subnet with a specific address on that subnet allows a connection just like wired allows a connection. To obtain an address dynamically, there has to be a DHCP server to provide them. That also is on the same subnet. Can't have 2 DHCP servers on the same subnet, [unless using superscopes].

    So how can a host connect to a network on one subnet and obtain an address on another subnet where there is a DHCP server handing out addresses on the subnet the host connects to? Even if the DHCP server ran out of addresses, the APIPA address would be assigned, not an address on a different subnet, unless there is a DHCP relay agent running.

    +
    0 Votes
    AruJammer

    Hey Thnx for your answers and suggestions.

    I noticed that also wired workstation are getting ip from the router.So this is not only an issue with wireless.

    I ask SW for support if they can help me out with this issue.


    If anyone can help me with how to trace a relay agent on a network I will be very thankfull

    +
    0 Votes
    AruJammer

    After checking our Network i finally found the problem.

    We got a loop which bypasses the Sonicwall and releasing it's own IP's on the local network.

    "Someone" connected a cable from the DHCP router to our network. Ofcourse no one didn't do it.

    Thanks for all your replies!

  • +
    0 Votes
    Wizard-09

    But have you configured the wireless box to use this IP range?

    +
    0 Votes

    Yep

    AruJammer

    Everything works gr8, only with this user have this problem.

    I also tried ipconfig /release and then /renew. Disabling and Enable WLAN connections.
    He connects on AP2 but he gets ip 192.168.6.xxx from AP6.

    And one strange thing, if i add a static ip with 192.168.2.xxx , he can acces our network

    +
    0 Votes
    mafergus

    This is a long shot, but is the DHCP scope on AP2 full? Can you disable the DHCP passthru on that ap? maybe you have already looked, but I would;

    1. Check both APS to see if the IP shows up in the DHCP lease table.

    2. Check AP2 and see if there is an additional scope in the AP6 range

    3. Physically shut down the APS individually then together to see if the client still connects. (just wondering if there are APs 3-5)

    4. Clear the entries for the wan and lan connections on the client and make sure there are no static entries in the IP settings for any connection including the alternate connections.

    Hope this helps.

    +
    0 Votes
    mafergus

    How are you verifying which access point it is connecting to? and is there any rule or setting to limit access to either the internal or external user access points?

    +
    0 Votes
    AruJammer

    evevery AP have a different SSID with different key.

    There's no rule, if you mean like mac-rules.
    They are just simple AP, one is a router which releases ip 192.168.6.xxx and the other one is a AP, which is connected to our network.

    +
    0 Votes
    Wizard-09

    How are you going about this, you would need another line to host the wireless which will not be internal to your network, I don't think an extra subnet is any good for you?

    +
    0 Votes
    AruJammer

    I got some more info, maybe wil confuse you more. But i will answer all you "silly" question if needed.

    We have two internet connection from different providers. Both connections are managed by a Sonicwall 2040 Pro.

    There's an acces rule in the firewall wich 192.168.6.xxx can't access 192.168.2.xxx in neither way.

    BUT there's only one configuration based on IP that permits some user's to access AP6 router to use it as a gateway to the internet.

    +
    0 Votes
    Wizard-09

    To be sure I would again check the wireless configuration for that box, you may have misconfigured it easy done, if configuration is correct install something called wireshark on the machine and look at how it's communication with network this will hope you resolve problem.

    +
    0 Votes
    AruJammer

    I'll try your suggestions.

    But this is still strange for me, since this only happens with one PC, we have different PC's and other mobile devices (iPhone,Android,WM) and no one has this problem.

    The user connects on AP2 and he gets ip from AP6.

    But anyways i'll try anything

    +
    0 Votes
    Wizard-09

    Onto it then, maybe also add that mac to the blocked list in mac filtering if your worried this user will gain access to the network, also test with another laptop in case your network is open to attacks because of this problem just a thought :-)

    +
    0 Votes
    CG IT

    There's no way for a client connecting to an access point on one subnet to obtain an address from a DHCP server on a different subnet unless the DHCP server has a relay agent running. You don't mention this in your posts.

    +
    0 Votes
    mafergus

    The wireless access point is allowing dhcp pas through (relay) and for some reason it's DHCP scope is full?

    Touching on an earlier point, assuming it isn't an issue with the client( I know, bug assumption) isn't there a larger issue concerning one's ability to enumerate resources on the network? Unless that segment is limited, it seems like there is a huge hole there.

    +
    0 Votes
    CG IT

    this is different subnets [addressing] so an access point on one subnet with a specific address on that subnet allows a connection just like wired allows a connection. To obtain an address dynamically, there has to be a DHCP server to provide them. That also is on the same subnet. Can't have 2 DHCP servers on the same subnet, [unless using superscopes].

    So how can a host connect to a network on one subnet and obtain an address on another subnet where there is a DHCP server handing out addresses on the subnet the host connects to? Even if the DHCP server ran out of addresses, the APIPA address would be assigned, not an address on a different subnet, unless there is a DHCP relay agent running.

    +
    0 Votes
    AruJammer

    Hey Thnx for your answers and suggestions.

    I noticed that also wired workstation are getting ip from the router.So this is not only an issue with wireless.

    I ask SW for support if they can help me out with this issue.


    If anyone can help me with how to trace a relay agent on a network I will be very thankfull

    +
    0 Votes
    AruJammer

    After checking our Network i finally found the problem.

    We got a loop which bypasses the Sonicwall and releasing it's own IP's on the local network.

    "Someone" connected a cable from the DHCP router to our network. Ofcourse no one didn't do it.

    Thanks for all your replies!