Resolving DHCP Conflict MX

SOLVED
MerakiMed
Getting noticed

Resolving DHCP Conflict MX

I recently migrated this remote site from an ISR to a Meraki MX. You can see that twice today 
I received error as to client IP conflicts. It could be the case that existing devices had already 
received an address from DHCP process on the older ISR and now are conflicting with 

the Meraki's DHCP address handout and storage. But shouldn't the MX be pinging 
addresses before handing them out? How is the MX supposed to sort out these

kinds of conflicts? Thank you.

 

Oct 13 14:12:55 a9626d16-796d-45b7-94ae-b801a629842a Client IP conflict MAC: 46:3A:A2:E1:76:AB also claims IP: 10.117.52.32
Oct 13 14:12:55 Client IP conflict MAC: 2A:2A:A8:89:0F:EA also claims IP: 10.117.52.32
Oct 13 12:15:11 a9626d16-796d-45b7-94ae-b801a629842a DHCP lease vap: 0, vlan: 52, ip: 10.117.52.32 more »


Oct 13 12:03:21 iPhone Client IP conflict MAC: F0:99:B6:55:FA:E7 also claims IP: 10.117.52.22
Oct 13 12:03:21 iPhone Client IP conflict MAC: 82:23:92:85:0B:3E also claims IP: 10.117.52.22

1 ACCEPTED SOLUTION
UCcert
Kind of a big deal

hi @MerakiMed , If you're hitting the MAC randomisation issue please take a read through the below:

 

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Meraki_and_iOS_14_MA...

 

 

Steps You Can Take with Cisco Meraki to Minimize Impact

  • Adopt OpenRoaming (part of Cisco DNA Spaces, now adopted as an industry standard for seamless Wi-Fi onboarding)

  • Implement policies (e.g. via MDM solutions like Cisco Meraki Systems Manager - see details below) to turn off MAC randomization for the company-owned devices or BYOD devices if the company policy allows it

  • Ask users to turn off MAC randomization on their devices

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

3 REPLIES 3
cmr
Kind of a big deal
Kind of a big deal

Are those wireless clients and possibly iOS devices?  If so they could be randomised MACs, unfortunately the device can get the IP with one MAC and then reuse it with another

UCcert
Kind of a big deal

hi @MerakiMed , If you're hitting the MAC randomisation issue please take a read through the below:

 

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Meraki_and_iOS_14_MA...

 

 

Steps You Can Take with Cisco Meraki to Minimize Impact

  • Adopt OpenRoaming (part of Cisco DNA Spaces, now adopted as an industry standard for seamless Wi-Fi onboarding)

  • Implement policies (e.g. via MDM solutions like Cisco Meraki Systems Manager - see details below) to turn off MAC randomization for the company-owned devices or BYOD devices if the company policy allows it

  • Ask users to turn off MAC randomization on their devices

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

Yes - looks like you're right. These are iPhones. I'll just turn off the IP conflict alerts. 

It's causing more noise than being helpful thanks to Apple's randomization feature

and it's not worth the effort to get potentially hundreds of employees to changes

the setting.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels