
Sophos XG and UniFi WLAN Controller > DHCP Timeout

Hi guys,

the following installation:

Gateway/DHCP: Sophos XG86 v.18.2

UniFi Cloudkey Gen2 v 5.14.23

3x UniFi AP AC FlexHD (Current firmware)

Clients: iPhones, iPads, MacBooks

 

The following problem:

The APs provide a mesh WLAN and there are always problems with the AP change, that the clients obviously don't get an IP address. This means that the connection to the AP only works if the client reports: No internet connection or if you look at the details, it doesn't get an IP. In the Sophos log it constantly reports errors from the AP to the Cloud Key with invalid traffic:

 

Here is the error on the UniFi controller:

 

The WLAN is not separated and runs in the LAN of the XG and also uses the DHCP server.

It would be great if someone had an idea or an approach to what this could be due to.

Thanks a lot and best regards



This thread was automatically locked due to age.
  • Hi,

    try increasing the DHCP address renew time and report back your results.

    Also the errors indicate there is no firewall rule matching that and there are no active connections.

    Further, review the log viewer -> system report to see how often the IP addresses are refreshed.

    Ian

  • Hello Ian, thank you for your feedback.

    The DHCP server is running on default: default lease time 1440, maximum lease time 2880.

    The devices are on the Sophos LAN, I have a LAN to LAN rule:
    Source: LAN, Any Host
    Destination: LAN, Any Host
    What: Any Service Accept 

    I cannot find any entries for IP address assignment in the Log viewer. I only see entries for DDNS ...

    Best regards Flo

  • Hi Florian,

    What assignments do you see in the XG DHCP server?

    Also, do the APs pass address requests or do they assign them?
    Are your APs on a separate interface on the XG?

    Ian

  • Here is a screenshot:

    The APs use Static IP MAC mapping

    The controller hangs on port 4, the APs on port 3 in a bridge pair, and they have no separate network or zone; they are in the LAN of the XG.

  • Hi Florian,

    How many DHCP servers are you using, one on each port, or are you using relay?

    DHCP requests will not be passed by LAN to LAN rules because they are broadcasts.

    Looking at those log entries would tend to indicate your device has a failing network connection, sees the carrier drop, and therefore requests a new address.

    Ian
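
To check from a packet capture whether roaming clients send DHCP requests that go unanswered, the following added example (not code from this thread, Sophos or Ubiquiti) parses raw DHCP payloads using the RFC 2131 layout and lists the clients whose transactions never received an ACK. The function names, MAC addresses and sample payloads are constructed for illustration.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie (RFC 2131)
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def build(msg_type, xid, mac):
    """Build a minimal BOOTP/DHCP payload (used only for constructed sample data)."""
    op = 1 if msg_type in (1, 3) else 2  # 1 = sent by client, 2 = sent by server
    hdr = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0x8000)  # broadcast flag set
    hdr += bytes(16) + mac + bytes(10) + bytes(192)  # 4 addresses, chaddr, sname+file
    return hdr + MAGIC + bytes([53, 1, msg_type, 255])

def parse(payload):
    """Return (xid, client MAC, message type name, broadcast flag)."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    xid, _secs, flags = struct.unpack("!IHH", payload[4:12])
    mac = payload[28:34].hex(":")
    opts, i, mtype = payload[240:], 0, None
    while i < len(opts) and opts[i] != 255:  # 255 = end option
        if opts[i] == 0:  # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(opts):  # truncated option, stop parsing
            break
        code, length = opts[i], opts[i + 1]
        if code == 53 and length == 1 and i + 2 < len(opts):  # message type
            mtype = opts[i + 2]
        i += 2 + length
    return xid, mac, TYPES.get(mtype, "UNKNOWN"), bool(flags & 0x8000)

def unanswered(payloads):
    """MACs whose DISCOVER/REQUEST transactions never saw an ACK."""
    pending = {}
    for p in payloads:
        xid, mac, kind, _ = parse(p)
        if kind in ("DISCOVER", "REQUEST"):
            pending.setdefault(xid, mac)
        elif kind == "ACK":
            pending.pop(xid, None)
    return sorted(set(pending.values()))

A, B = bytes.fromhex("aabbcc000001"), bytes.fromhex("aabbcc000002")  # constructed MACs
SAMPLE = [  # constructed capture: A completes DORA, B retries DISCOVER with no reply
    build(1, 0x1001, A), build(2, 0x1001, A), build(3, 0x1001, A), build(5, 0x1001, A),
    build(1, 0x2002, B), build(1, 0x2002, B), build(1, 0x2002, B),
]
print(unanswered(SAMPLE))
```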
