Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1835
Views
0
Helpful
5
Replies

Firepower 5516 DHCP Issue

usmanlodhi1001
Level 1
Level 1

‎08-16-2020 09:00 AM

I have a 5516 firewall with FDM and configure the DHCP on one of the sub-interface. now the device connected to that vlan is getting new and new IP after every 2 second. Kindly please help me in that. 

0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎08-16-2020 01:35 PM

Not that we aware of this kind of issue before :

 

Can you please explain :

 

1. are you getting the same IP address range and different IP

2. check Logs what is the reason?

3. Hope this is a wired network or (clarify if wireless network)

4. also check any other DHCP Servers running same network?

 

what is the version of the code ? how is your network flows ( client to DHCP Server ?)

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

usmanlodhi1001
Level 1
Level 1
In response to balaji.bandi

‎08-16-2020 01:56 PM

2020-08-16 18:16:20 ajp-nio-8009-exec-7: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:20 ajp-nio-8009-exec-7: INFO LogService:171 - 2020-08-16 18:16:20 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/jobs/deployments/4d102161-dfec-11ea-a1e1-7ffd607cc2fb - 200 - 0 48 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:20 ajp-nio-8009-exec-6: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:20 ajp-nio-8009-exec-6: INFO LogService:171 - 2020-08-16 18:16:20 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/jobs/deployments/4d102161-dfec-11ea-a1e1-7ffd607cc2fb - 200 - 0 5 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:20 ajp-nio-8009-exec-2: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:20 ajp-nio-8009-exec-2: INFO LogService:171 - 2020-08-16 18:16:20 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/jobs filter=status%3AIN_PROGRESS&limit=10&offset=0&sort=-startDateTime 200 - 0 7 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:20 ajp-nio-8009-exec-5: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:20 ajp-nio-8009-exec-5: INFO LogService:171 - 2020-08-16 18:16:20 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/jobs filter=status%3ASUCCESS&limit=0&offset=0&sort=-startDateTime 200 - 0 28 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:20 ajp-nio-8009-exec-8: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:20 ajp-nio-8009-exec-8: INFO LogService:171 - 2020-08-16 18:16:20 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/jobs filter=status%3AFAILED&limit=0&offset=0&sort=-startDateTime 200 - 0 50 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:20 ajp-nio-8009-exec-1: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:20 ajp-nio-8009-exec-1: INFO LogService:171 - 2020-08-16 18:16:20 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/jobs limit=0&offset=0&sort=-startDateTime 200 - 0 78 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:21 ajp-nio-8009-exec-9: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.
2020-08-16 18:16:21 ajp-nio-8009-exec-9: INFO LogService:171 - 2020-08-16 18:16:21 192.168.1.10 - 127.0.0.1 443 GET /api/fdm/latest/operational/deploymentdata/default - 200 - 0 1 https://192.168.1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 https://192.168.1.1/
2020-08-16 18:16:25 ajp-nio-8009-exec-3: WARN LogFilter:283 - Couldn't find any helper support the HTTP_Bearer challenge scheme.



this is the error i am getting.
the dhcp is running and i am getting IP from the firewall as in firewall binding the entry came for like 2 seconds and then gone in the same time this happened to PC also it's cable connected PC with the Switch my previous ASA firewall is working in this same design and working fine when i tried with new firewall this is happening to me.

FDM/FTD 6.4.0

there's no other DHCP running on the network
0 Helpful

usmanlodhi1001
Level 1
Level 1
In response to balaji.bandi

‎08-16-2020 03:09 PM

debug dhcpd packet enabled at level 1
QA.SWB.FORTRESS1# DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDECLINE received from client 018c.ec4b.95c2.46.
DHCPD/RA: Binding successfully deactivated
dhcpd_destroy_binding() removing NP rule for client 10.153.122.197
DHCPD/RA: free ddns info and binding
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDISCOVER received from client 01d8.cb8a.b9dd.9d on interface dynamic_zone.
DHCPD: send ping pkt to 10.153.122.198
DHCPD: ping got no response for ip: 10.153.122.198
DHCPD: Add binding 10.153.122.198 to radix tree
DHCPD/RA: Binding successfully added to hash table
DHCPD: Sending DHCPOFFER to client 01d8.cb8a.b9dd.9d (10.153.122.198).

DHCPD: Total # of raw options copied to outgoing DHCP message is 0.
DHCPD/RA: creating ARP entry (10.153.122.198, d8cb.8ab9.dd9d).
DHCPD: unicasting BOOTREPLY to client d8cb.8ab9.dd9d(10.153.122.198).
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPREQUEST received from client 01d8.cb8a.b9dd.9d.
DHCPD: Extracting client address from the message
DHCPD: State = DHCPS_REBOOTING
DHCPD: State = DHCPS_REQUESTING
DHCPD: Client 01d8.cb8a.b9dd.9d specified it's address 10.153.122.198
DHCPD: Client is on the correct network
DHCPD: Client accepted our offer
DHCPD: Client and server agree on address 10.153.122.198
DHCPD: Renewing client 01d8.cb8a.b9dd.9d lease
DHCPD: Client lease can be renewed
DHCPD: Sending DHCPACK to client 01d8.cb8a.b9dd.9d (10.153.122.198).
DHCPD: Including FQDN option name 'QASWBRES03.the-ascott.com' rcode1=0, rcode2=0 flags=0x0

DHCPD: Total # of raw options copied to outgoing DHCP message is 0.
DHCPD/RA: creating ARP entry (10.153.122.198, d8cb.8ab9.dd9d).
DHCPD: unicasting BOOTREPLY to client d8cb.8ab9.dd9d(10.153.122.198).
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDECLINE received from client 01d8.cb8a.b9dd.9d.
DHCPD/RA: Binding successfully deactivated
dhcpd_destroy_binding() removing NP rule for client 10.153.122.198
DHCPD/RA: free ddns info and binding
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDISCOVER received from client 018c.ec4b.95c2.46 on interface dynamic_zone.
DHCPD: send ping pkt to 10.153.122.199
DHCPD: ping got no response for ip: 10.153.122.199
DHCPD: Add binding 10.153.122.199 to radix tree
DHCPD/RA: Binding successfully added to hash table
DHCPD: Sending DHCPOFFER to client 018c.ec4b.95c2.46 (10.153.122.199).

DHCPD: Total # of raw options copied to outgoing DHCP message is 0.
DHCPD: broadcasting BOOTREPLY to client 8cec.4b95.c246.
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPREQUEST received from client 018c.ec4b.95c2.46.
DHCPD: Extracting client address from the message
DHCPD: State = DHCPS_REBOOTING
DHCPD: State = DHCPS_REQUESTING
DHCPD: Client 018c.ec4b.95c2.46 specified it's address 10.153.122.199
DHCPD: Client is on the correct network
DHCPD: Client accepted our offer
DHCPD: Client and server agree on address 10.153.122.199
DHCPD: Renewing client 018c.ec4b.95c2.46 lease
DHCPD: Client lease can be renewed
DHCPD: Sending DHCPACK to client 018c.ec4b.95c2.46 (10.153.122.199).
DHCPD: Including FQDN option name 'QASWBENG02.the-ascott.com' rcode1=0, rcode2=0 flags=0x0

DHCPD: Total # of raw options copied to outgoing DHCP message is 0.
DHCPD: broadcasting BOOTREPLY to client 8cec.4b95.c246.
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDECLINE received from client 018c.ec4b.95c2.46.
DHCPD/RA: Binding successfully deactivated
dhcpd_destroy_binding() removing NP rule for client 10.153.122.199
DHCPD/RA: free ddns info and binding
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDISCOVER received from client 01d8.cb8a.b9dd.9d on interface dynamic_zone.
DHCPD: send ping pkt to 10.153.122.200
DHCPD: ping got no response for ip: 10.153.122.200
DHCPD: Add binding 10.153.122.200 to radix tree
DHCPD/RA: Binding successfully added to hash table
DHCPD: Sending DHCPOFFER to client 01d8.cb8a.b9dd.9d (10.153.122.200).

DHCPD: Total # of raw options copied to outgoing DHCP message is 0.
DHCPD/RA: creating ARP entry (10.153.122.200, d8cb.8ab9.dd9d).
DHCPD: unicasting BOOTREPLY to client d8cb.8ab9.dd9d(10.153.122.200).
DHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPREQUEST received from client 01d8.cb8a.b9dd.9d.
DHCPD: Extracting client address from the message
DHCPD: State = DHCPS_REBOOTING
DHCPD: State = DHCPS_REQUESTING
DHCPD: Client 01d8.cb8a.b9dd.9d specified it's address 10.153.122.200
DHCPD: Client is on the correct network
DHCPD: Client accepted our offer
DHCPD: Client and server agree on address 10.153.122.200
DHCPD: Renewing client 01d8.cb8a.b9dd.9d lease
DHCPD: Client lease can be renewed
DHCPD: Sending DHCPACK to client 01d8.cb8a.b9dd.9d (10.153.122.200).
DHCPD: Including FQDN option name 'QASWBRES03.the-ascott.com' rcode1=0, rcode2=0 flags=0x0

DHCPD: Total # of raw options copied to outgoing DHCP message is 0.
DHCPD/RA: creating ARP entry (10.153.122.200, d8cb.8ab9.dd9d).
DHCPD: unicasting BOOTREPLY to client d8cb.8ab9.dd9d(10.153.122.200).
debug dhcpd packeDHCPD/RA: Server msg received, fip=ANY, fport=0 on dynamic_zone interface
DHCPD: DHCPDECLINE received from client 01d8.cb8a.b9dd.9d.
DHCPD/RA: Binding successfully deactivated
dhcpd_destroy_binding() removing NP rule for client 10.153.122.200
DHCPD/RA: free ddns info and binding undebug dhcpd pacdebug dhcpd packet disabled.
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to usmanlodhi1001

‎08-16-2020 03:27 PM

Just Looking at the DHCP Log, i see different MAC Address here, when the DHCP offer IP address.

 

what is the end device here? is this output DHCP information from a single device or multiple devices?

 

can you post relevant DHCP config from FTD?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card