Meraki

Community

Getting bogus alert emails

BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Feb 24 2022 11:01 AM
‎Feb 24 2022 11:01 AM

Getting bogus alert emails

I get a bogus alert email for one of my Orgs this morning and wondered if anyone else has been getting any. The alert I got was below.

 

The security appliance in the XZY network has detected an IP conflict with two or more devices.

The IP 192.168.1.108 is claimed by clients with the following MAC addresses: E0:50:8B:13:96:78  14:A7:8B:09:25:52 

 

 

The part thats bogus is that this security appliance isn't configured with that mentioned subnet and the two MAC it refers two are using statically assigned DHCP in a totally different subent. It the only device in that network capaible of DHCP so I have no idea what is going on. Looking at the Network > Monitor > Clients page when I search for that IP there is nothing in that range which I expect because its not used. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
3 Replies 3
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 24 2022 11:32 AM
‎Feb 24 2022 11:32 AM

Have you looked at the ARP table ? What about the event logs , do you see anything related to the duplicate IP ?

 

Don't get fooled by the Network -> Monitor -> Clients page ,  Clients that do not pass Internet trafic won't be mapped. In a case of a dupplicate IP I suppose that one of them isn't able to pass traffic at all.

0 Kudos
In response to RaphaelL
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Feb 24 2022 11:58 AM
‎Feb 24 2022 11:58 AM

Both of the devices are online and functional with IP addresses in a completely different range, As mentioned the IP subnet specified in the alert email isn't used. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to BlakeRichardson
RaphaelL
Kind of a big deal
Kind of a big deal
‎Feb 24 2022 12:05 PM
‎Feb 24 2022 12:05 PM

Nothing in the change logs ? A network rebind , template rebind ?

Nothing in the event logs  ''IP conflict'' ? 

 

If you answer no to all these questions , I think you will need to open a case to shed some light on that issue. I have over 6000 networks and none of these alerts were received today.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.