cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

New DHCP Server detected

SOLVED
Highlighted
Here to help

New DHCP Server detected

I got an alert today:

 

The switch in the network School Building detected a new DHCP server with the following details:

MAC:00:18:0a:xx:xx:xx
IP:10.10.40.2
VLAN:1
Subnet:0.0.0.0/0

 

The MAC address says it's is the known, one and only Meraki Firewall that has been on the network since initial setup.  Nothing was physically changed. unplugged, and nothing noted in the Change log to cause this. Last entry on the change log was 3 days ago.

 

Is this a real error, or a false error? If it's real, how do I track it down?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Kind of a big deal

Re: New DHCP Server detected

If you know if is the firewall then don't worry about it.

 

Perhaps you had a firmware update recently and it is caused it to look again.

View solution in original post

3 REPLIES 3
Highlighted
Kind of a big deal

Re: New DHCP Server detected

If you know if is the firewall then don't worry about it.

 

Perhaps you had a firmware update recently and it is caused it to look again.

View solution in original post

Highlighted
Meraki Employee

Re: New DHCP Server detected

As mentioned, I wouldn't worry about it. If you want to be absolutely certain that there isn't another DHCP server on your LAN, run a PCAP on the LAN port and look for any DHCP activity (filter is 'bootp')
Highlighted
Meraki Employee

Re: New DHCP Server detected

Are you sure you haven't changed the MX from Bridge to NAT mode or turned on DHCP on any of the configured VLANs? Also, the MX has the ability to relay DHCP requests, so while you haven't changed anything on the MX, but yet it a network DHCP server might have come up. I suggest you take a pcap and analyze this in more details. Here is a link for DHCP relay on the MX: https://documentation.meraki.com/MX-Z/DHCP/DHCP_Services#DHCP_relay

---
CSE - SP UK & I
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.