Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.

Dashrender

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

One thing to keep in mind with Sonicwall that you can't have Static DHCP entries within the DHCP Scope.

Another thing to note is that the Unifi Switches with a Unifi Server Controller give a lot of troubles with VLAN configuration (I am not talking about EdgeSwitches but the Unifi Swtiches). We needed to replace a USG and multiple Unifi Switches causing wireless issues with the Guest network as you mentioned.

Huh, I have Unifi switches - and while I would say a standard command line config for VLANs is easier, I wouldn't say I had real troubles with the VLANs.

travisdh1

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

One thing to keep in mind with Sonicwall that you can't have Static DHCP entries within the DHCP Scope.

That is so annoying!

Dashrender

@travisdh1 said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

One thing to keep in mind with Sonicwall that you can't have Static DHCP entries within the DHCP Scope.

That is so annoying!

This is just a crazy limitation! JB would likely die than use that because of this alone...

travisdh1

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@travisdh1 said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

One thing to keep in mind with Sonicwall that you can't have Static DHCP entries within the DHCP Scope.

That is so annoying!

This is just a crazy limitation! JB would likely die than use that because of this alone...

I think JB likes all UTM devices about the same. Toss em in the lake I say.

dbeato

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@travisdh1 said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

One thing to keep in mind with Sonicwall that you can't have Static DHCP entries within the DHCP Scope.

That is so annoying!

This is just a crazy limitation! JB would likely die than use that because of this alone...

Yup

dbeato

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Another thing to note is that the Unifi Switches with a Unifi Server Controller give a lot of troubles with VLAN configuration (I am not talking about EdgeSwitches but the Unifi Swtiches).

When you get a few minutes, can you elaborate? This sounds like we are experiencing. DHCP issues?

I just updated the firmware on all of the switches and found one loop. I'm hopeful things are better tomorrow.

Basically, we have two customers that once they added a VLAN for their Guest wireless it was not working . First I thought it was the Guest services enabled on the SSID with the splash screen but it was not. We removed it and internet works but the VLAN gets applied randomly.

Dashrender

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Another thing to note is that the Unifi Switches with a Unifi Server Controller give a lot of troubles with VLAN configuration (I am not talking about EdgeSwitches but the Unifi Swtiches).

When you get a few minutes, can you elaborate? This sounds like we are experiencing. DHCP issues?

I just updated the firmware on all of the switches and found one loop. I'm hopeful things are better tomorrow.

Basically, we have two customers that once they added a VLAN for their Guest wireless it was not working . First I thought it was the Guest services enabled on the SSID with the splash screen but it was not. We removed it and internet works but the VLAN gets applied randomly.

interesting - if there are open ports on the sonicwall - you could just use one of them as the interface, and have the switch be an untagged port for that specific VLAN, then the sonicwall won't care, or know it's a VLAN.

dbeato

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Another thing to note is that the Unifi Switches with a Unifi Server Controller give a lot of troubles with VLAN configuration (I am not talking about EdgeSwitches but the Unifi Swtiches).

When you get a few minutes, can you elaborate? This sounds like we are experiencing. DHCP issues?

I just updated the firmware on all of the switches and found one loop. I'm hopeful things are better tomorrow.

Basically, we have two customers that once they added a VLAN for their Guest wireless it was not working . First I thought it was the Guest services enabled on the SSID with the splash screen but it was not. We removed it and internet works but the VLAN gets applied randomly.

interesting - if there are open ports on the sonicwall - you could just use one of them as the interface, and have the switch be an untagged port for that specific VLAN, then the sonicwall won't care, or know it's a VLAN.

Which we did.

JasGot

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Which we did.

Did it solve the issue?

JasGot

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

interesting - if there are open ports on the sonicwall - you could just use one of them as the interface, and have the switch be an untagged port for that specific VLAN, then the sonicwall won't care, or know it's a VLAN.

I can do that. I am not certain it is the sonicwall failing to deliver the DHCP though. The sonicwall connection monitor never shows a connection from the device (iphone). At this point, any changes I make to the UniFi gear has an impact. Nothing has fixed it, but it has an impact.

Then I read about Unifi Switch issues and version 4.0.69 here but even when I go back to 4.0.66, my problems still remain. I think Ubiquiti is experience a major problem with DHCP and VLAN scenarios and they have not figured it out yet.

Obsolesce

Did you break out Wireshark yet to check each network segment for where it's failing to relay to?

Do devices get an address on the same network as the dhcp server?

JasGot

@Obsolesce said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Did you break out Wireshark yet to check each network segment for where it's failing to relay to?

Do devices get an address on the same network as the dhcp server?

I haven't because it is only some iphones. Like, 4 out of 100 iphones don't get dhcp addresses. every other brand device works fine.

dbeato

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@dbeato said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Which we did.

Did it solve the issue?

Yeah, but ultimately we needed to replace the USG as it was going offline every few minutes at a time no matter which controller we had (Local and CLoud).

Dashrender

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@Obsolesce said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

Did you break out Wireshark yet to check each network segment for where it's failing to relay to?

Do devices get an address on the same network as the dhcp server?

I haven't because it is only some iphones. Like, 4 out of 100 iphones don't get dhcp addresses. every other brand device works fine.

what model are those iPhones? sure it's not just a phone issue?
Wireshark should be able to tell if the DHCP request is even coming in.

JasGot

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

what model are those iPhones? sure it's not just a phone issue?
Wireshark should be able to tell if the DHCP request is even coming in.

Not sure, and I'm sure it is. But it's one of those situations that we have to overcome or work around. This is a group the believes if it says Apple, it cannot be at fault.

I want to get the Windows Server to serve DHCP to 10 iphones with my 10 spare Device CALs. So I am back to the Windows Server DHCP assigning address on VLAN 10.

If I can make this work, I'll prove them with a new DHCP only server.

I'm down to the last 5 days to make this work.....

Obsolesce

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

what model are those iPhones? sure it's not just a phone issue?
Wireshark should be able to tell if the DHCP request is even coming in.

Not sure, and I'm sure it is. But it's one of those situations that we have to overcome or work around. This is a group the believes if it says Apple, it cannot be at fault.

I want to get the Windows Server to serve DHCP to 10 iphones with my 10 spare Device CALs. So I am back to the Windows Server DHCP assigning address on VLAN 10.

If I can make this work, I'll prove them with a new DHCP only server.

I'm down to the last 5 days to make this work.....

The way that things work, is that if it's great for everything except a single device or specific set of devices, it's not the setup, it's the devices and you shouldn't change the environment. You should fix the devices instead of ruining a working config/setup. Generally speaking of course, not always.

Dashrender

@Obsolesce said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

what model are those iPhones? sure it's not just a phone issue?
Wireshark should be able to tell if the DHCP request is even coming in.

Not sure, and I'm sure it is. But it's one of those situations that we have to overcome or work around. This is a group the believes if it says Apple, it cannot be at fault.

I want to get the Windows Server to serve DHCP to 10 iphones with my 10 spare Device CALs. So I am back to the Windows Server DHCP assigning address on VLAN 10.

If I can make this work, I'll prove them with a new DHCP only server.

I'm down to the last 5 days to make this work.....

The way that things work, is that if it's great for everything except a single device or specific set of devices, it's not the setup, it's the devices and you shouldn't change the environment. You should fix the devices instead of ruining a working config/setup. Generally speaking of course, not always.

Exactly - you have 90 working iPhones - and you're going to potentially break things for because 10 don't work? did you tell your boss/the company owners/BOD, etc this? That's just crazy.

If anything - create a new VLAN - and put those 10 busted iPhones on that VLAN and have Windows serve DHCP to them (you'll need a new WiFi SSID for that new VLAN too.

JasGot

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

If anything - create a new VLAN - and put those 10 busted iPhones on that VLAN and have Windows serve DHCP to them (you'll need a new WiFi SSID for that new VLAN too.

That's my goal. Which brings us back to the OP. Trying to get Windows to provide DHCP to a VLAN. I'm actually digging back into that right now after a long day of fixing Windows update problems on a bunch of 2008R2 and 2012 servers.

Dashrender

@JasGot said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

@Dashrender said in Need to better understand IP Helper for accessing Windows DHCP Server from VLAN.:

If anything - create a new VLAN - and put those 10 busted iPhones on that VLAN and have Windows serve DHCP to them (you'll need a new WiFi SSID for that new VLAN too.

That's my goal. Which brings us back to the OP. Trying to get Windows to provide DHCP to a VLAN. I'm actually digging back into that right now after a long day of fixing Windows update problems on a bunch of 2008R2 and 2012 servers.

That's pretty easy.

You need to create your new VLAN - assign it to the new SSID - set that up on the Unifi controller - Allow tagged traffic for that VLAN on the APs
set the DHCP helper for this new VLAN to point to the DHCP server on AD
make sure the firewall routes between the windows VLAN and this new one
setup a DHCP scope for the new range you'll hand out on this new VLAN.

Should about cover it.

Dashrender

did you say you have Unifi APs? If so, what firmware?
https://community.ui.com/releases/UAP-USW-Firmware-4-0-69-10871/245e428c-d111-4b9d-a550-ec0cc86ef646?page=12