Issue with Cameras Picking IPs from Unknown Subnet (192.168.3.X) on Cisco Meraki Network

Alic-Antunez
Here to help

Issue with Cameras Picking IPs from Unknown Subnet (192.168.3.X) on Cisco Meraki Network

Hi everyone,

I'm managing a small network using Cisco Meraki, and I've run into a strange issue. We have CCTV cameras connected to an NVR, all configured on VLAN 21 (10.20.30.0/26). Switchports connected to the cameras are set to VLAN 21 in access mode.

However, the cameras are somehow picking IPs from a 192.168.3.X subnet, which doesn't exist in my network configuration. I've ensured that all DHCP servers are blocked except for the Meraki MX67 appliance.

After capturing packets, I noticed traffic like 192.168.3.14 communicating with 239.255.255.250 on port 1900 (SSDP). I know this is used for AXIS Camera Station discovery, but I’m puzzled as to where this mysterious 192.168.3.X subnet is coming from.

Does anyone have insights into why this might be happening or how to troubleshoot further? Any recommendations would be greatly appreciated!

__PRESENT

__PRESENT

__PRESENT

5 Replies 5
Ryan_Miles
Meraki Employee
Meraki Employee

Is this a single MX or HA config? If HA be aware the LAN uses a virtual MAC and not the base chassis MAC. If you're blocking all DHCP, but the primary MX MAC you'll be blocking legit DHCP traffic to the cc:03:d9:xx:xx:xx virtual MAC.

 

https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair#Virtual... 

AmitPanchal
Here to help

Try connecting the laptop to the same camera port and check what IP it is getting. If it is getting the same 192.168.3.X series IP then on the laptop you will get the DHCP server details through which you could identify which DHCP server/system is creating the issue.

rhbirkelund
Kind of a big deal
Kind of a big deal

Is it a third party supplier that has been installing the CCTV cameras? In my experience, these third parties tend to either configure the NVR to hand out DHCP addresses to their cameras or that the cameras are statically configured with an IP address. They also tend to supply their own unmanaged swtiching infrastructure. which they uplink the camearas to, which may also be connected upstream to the rest of the network infrastructure.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
PhilipDAth
Kind of a big deal
Kind of a big deal

This will be the problem.

Dunky
Head in the Cloud

As a standard, I tend to block all unknown DHCP servers in Switching>DHCP Servers and ARP by whitelisting the MAC of the MX (or HA MAC).

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.