Results 1 to 10 of 10

Thread: Wireless router looses sync with firewall

  1. #1
    Senior Member
    Join Date
    May 2004
    Posts
    274

    Wireless router looses sync with firewall

    Hello All,

    I am just in a middle of some very strange problem,

    I am using Cisco WAP 4410N for Wireless Access and its connected to our Sonicawall firewall. It uses our sonicwall DHCP for IP Address leases ( for mobile devices). Usually, we don't allow DHCP over our network. PC are assigned IP addresses manually but for mobile devices sonicwall DHCP is being used. Now, I have a situation when I come to office early morning my iphone doesn't connect to Wireless and its not just me all the other wireless devices doesn't connect (as they are unable to get IP address from DHCP). I had to restart the Cisco Wireless Router and than all the mobile devices get there ip addresses and everything seems to working. I tried to search this problem over the internet but with no success.
    Does anyone having idea as what this could be.

    Many Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

  2. #2
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    Things to check on the DHCP configuration:
    lease expiration should be a short period of time,
    there are leases available in the early morning.

    The problem is that if a mobile device with a lease is turned off and the DHCP server has not expired that lease, another lease will be required when the mobile device tries to reconnect. The old lease will not be recycled until after it expires.

    I set leases for an hour or two. A device will renew its lease after approximately half of it is used. Unless there are hundreds of devices seeking leases, lease renewal won't be noticed on the network. The maximum should not be longer than the work day.

  3. #3
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    ^^ Good advice.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    See if the WAP has any firmware updates. Cisco software regularly has bugs in it.

    You can also try to put a machine between the WAP and the firewall. Or perhaps you can do a packet capture on the firewall itself. You can verify if it's actually receiving the DHCP requests, or not.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Quote Originally Posted by ua549 View Post
    Things to check on the DHCP configuration:
    lease expiration should be a short period of time,
    there are leases available in the early morning.

    The problem is that if a mobile device with a lease is turned off and the DHCP server has not expired that lease, another lease will be required when the mobile device tries to reconnect. The old lease will not be recycled until after it expires.

    I set leases for an hour or two. A device will renew its lease after approximately half of it is used. Unless there are hundreds of devices seeking leases, lease renewal won't be noticed on the network. The maximum should not be longer than the work day.
    Hello UA549:
    Thanks for the advice, I have changed the DHCP lease to '60 mins' from '7200 mins'. I will keep you guys posted with the results.
    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

  6. #6
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Hi Guys,
    still no luck, I still need to restart my wireless bridge / router after that my iphone gets the ipaddress. WE have only 5 mobile devices and range is of 30 ip addresses.

    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

  7. #7
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    Are there leases available when the problem occurs?

    Another possibility is to reserve DHCP leases based on the mac address of each user's device.

  8. #8
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Yes they are available, like we got a DHCP range of 30 IP and only got 3 devices. So, its a long range of IP addresses available.
    I will try the second posibility as well.
    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

  9. #9
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    Don't forget that a passerby can also obtain a lease. On my main network I only grant leases to known devices.

  10. #10
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Yes, but its password protected so unfair use

    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

Similar Threads

  1. Auditing Routers: The Checklist - Looking for Feeback
    By KuiXing-2005 in forum Network Security Discussions
    Replies: 2
    Last Post: April 4th, 2005, 04:44 PM
  2. Firewall Basics by stevecronin
    By stevecronin in forum The Security Tutorials Forum
    Replies: 7
    Last Post: January 23rd, 2005, 04:47 AM
  3. Am I going Nuts or what?????
    By Tiger Shark in forum General Computer Discussions
    Replies: 31
    Last Post: January 11th, 2005, 04:37 PM
  4. anyone want to help me with some cisco hw?
    By Simo in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: October 28th, 2003, 03:47 PM
  5. Proxies and Packet Filters in Plain English
    By Remote_Access_ in forum Security Archives
    Replies: 3
    Last Post: December 13th, 2001, 10:58 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •