Getting Public Addresses on Corporate LAN/Wifi
Greetings all!!
I have an issue I cannot seem to solve, nor can my Spectrum-provided Meraki support. For a while now I have one site where devices are receiving public addresses. Sometimes the public IP of the MX!! I've checked NAT and nothing there. I've checked any forwarding rules...nothing there.
Support INSISTS it's someone playing a joke on me and hardcoding static addresses...but I know that's not the case. It will happen on wifi and LAN. Heck I just got onsite today and tried to get on the corporate WiFi and lo and behold I was given a public IP address.
We have 2 Meraki APs and they go direct into the last two ports on our MX 68.
I checked a user's laptop yesterday who was unable to hardwire and his IP was a public one but oddly enough the network name Windows gave the adapter was "WiFi 2" and it was a public network...didn't know our domain.
So I am leaning more and more on something weird is going on with our APs and it's bridging the public pool with our private pool somehow.
Anyone ever see anything like this???
Labels: Firewall
Look, it seems to me that there is a rogue DHCP server or something like that on your network.
I have worked with Meraki for years and have never seen any cases like this.
When the device receives the IP, can you see which DHCP server is providing the address?
Please, if this post was useful, leave your kudos and mark it as solved.
Weird, right?? And the odd thing is the error I see in the log regarding my own computer is the multiple DHCP server detected error, which my computer is not...nor is any other computer onsite. DHCP is handled by the MX, so when the other user got the error yesterday...it was showing the public IP of the MX as the DHCP server and DNS.
Okay, so are you proxying DHCP through MX or do you have a dedicated server?
Please, if this post was useful, leave your kudos and mark it as solved.
I'm referring to this configuration.
Please, if this post was useful, leave your kudos and mark it as solved.
MX handles DHCP...
Oops, thought I replied...lol...yes, the MX handles our DHCP. We have 4 sites and at each site the MX handles it. This is the only one acting weird.
The only way this would happen, barring an outrageous bug, is if there is another DHCP server plugged into the LAN. Are you sure your Spectrum modem doesn't have a wired connection to the MX WAN AND a LAN port?
You should also be able to see the IP address of the DHCP server on a client with a bad IP and trace the corresponding MAC to a specific port.
We have our fiber and secondary coax backup in their respective WAN ports and then going to switch from next LAN port. Nothing onsite runs DHCP other than the MX.
You have a Meraki switch?
Does it show anything related to this DHCP scope at Switch > DHCP server & ARP?
Also go to the MX event log and filter on all DHCP. Do you see the public IPs being assigned there, and does it show mx_mac/ip?
I do not...I have a Dell switch that's basically a dummy switch. Single VLAN.
This could have occurred due to
1) Misconfigured DHCP server, Layer 2 bridging misconfiguration, may also be due to VLAN misconfiguration.
If none of these, then it should be a bug in the firmware of the MX.
Alrighty,
So still no real leads, but my support keeps saying it isn't due to the Meraki. They keep saying I have a rogue DHCP server. But when I look for that error I don't see the one they mention. Now when I look up the VLAN mismatch error I see the device in question. It has a public IP and when I click on the MAC it tells me the device isn't available, even though the event pretty much just happened. MAC address lookup for manufacturer info doesn't lead me anywhere.
I am tempted to block that device but I am also worried that will make things worse. There isn't anything on our network, that I have set up, that would know any public IP addresses. I am curious if this is Spectrum equipment on the other side?
I just don't get how something on my LAN would know public IP blocks and hand them out.
There are several ways to find out your public IP block. A good option is to try to capture packets on your network to try to identify the source.
Please, if this post was useful, leave your kudos and mark it as solved.
That's the thing, I know what my block is. I did a packet capture and it doesn't show any traffic moving thru the offending IP address. The weird thing is when someone gets a public IP it shows their gateway as the offending device, not the public IP of our Meraki.
I'm not referring to you, I'm referring to the fact that if someone on your network wants to find out, there are several ways.
The fact is that I believe everyone here will agree that there is a rogue server on your network, but what you can't know is whether it's intentional or not.
You have to create a less specific filter in your capture. If I were you, I would only filter for DHCP requests and DHCP offers.
Please, if this post was useful, leave your kudos and mark it as solved.
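The capture filter suggested above (DHCP requests and offers only), as an added example that is not part of the original thread: it parses DHCP OFFER/ACK payloads from a capture of UDP ports 67/68 and reports the source MAC of any reply that names an unexpected server or leases an address outside the LAN subnet. The LAN subnet `192.168.10.0/24`, the MX address `192.168.10.1`, the MAC addresses and the `203.0.113.0/24` documentation range standing in for the public block are all assumptions, and the sample packets are constructed.

```python
import ipaddress
import struct

MAGIC = bytes.fromhex("63825363")   # DHCP magic cookie (RFC 2131)
OFFER, ACK = 2, 5                   # option 53 values sent by servers

def parse_reply(bootp):
    """Return lease address, server id and router from an OFFER/ACK, else None."""
    if len(bootp) < 240 or bootp[0] != 2 or bootp[236:240] != MAGIC:
        return None                 # not a BOOTREPLY carrying DHCP options
    opts, i = {}, 240
    while i + 1 < len(bootp) and bootp[i] != 255:   # 255 = end option
        if bootp[i] == 0:                           # 0 = pad, has no length byte
            i += 1
            continue
        opts[bootp[i]] = bootp[i + 2:i + 2 + bootp[i + 1]]
        i += 2 + bootp[i + 1]
    if (opts.get(53) or b"\0")[0] not in (OFFER, ACK):
        return None
    ip = lambda b: ipaddress.ip_address(b[:4]) if len(b) >= 4 else None
    return {"yiaddr": ip(bootp[16:20]), "server": ip(opts.get(54, b"")),
            "router": ip(opts.get(3, b""))}

def audit(frames, authorized_server, lan_subnet):
    """frames: (source MAC, BOOTP payload) pairs taken from the capture."""
    lan = ipaddress.ip_network(lan_subnet)
    good = ipaddress.ip_address(authorized_server)
    findings = []
    for mac, payload in frames:
        r = parse_reply(payload)
        if r is None:
            continue
        reasons = []
        if r["server"] != good:
            reasons.append("unexpected server %s" % r["server"])
        if r["yiaddr"] not in lan:
            reasons.append("lease %s outside %s" % (r["yiaddr"], lan))
        if reasons:
            findings.append((mac, reasons))   # this MAC is what to trace to a port
    return findings

def sample_reply(yiaddr, server, router, msg=OFFER):
    """Build a constructed test packet (not captured traffic)."""
    a = lambda s: ipaddress.ip_address(s).packed
    head = struct.pack("!4B I 2H", 2, 1, 6, 0, 0x1234, 0, 0) + bytes(4) + a(yiaddr)
    head += bytes(8 + 16 + 64 + 128) + MAGIC   # siaddr/giaddr, chaddr, sname, file
    return head + bytes([53, 1, msg, 54, 4]) + a(server) + bytes([3, 4]) + a(router) + b"\xff"
```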
ah ok...gotcha
