SSG-5 and DHCP Client

[ Edited ]
‎03-13-2009 01:55 PM

I have a SSG-5-SH-W-US and I cannot get the DHCP client to work with my Comcast LinkSys Cable modem. I upgraded from an old NS5GT which worked great but the SSG-5 just won't pick up an IP address. I've reset the unit and even used just the wizard to configure it (with no other options, using all defaults), to no avail.  I checked the port ethernet0/0 and it seems to work fine.


The interfaces are defined as follows:


set interface eth0/0 zone untrust
set interface eth0/0 dhcp-client enable
set interface eth0/1 zone dmz
set interface eth0/1 ip
set interface bgroup0 zone trust
set interface bgroup0 ip
set interface bgroup0 manage
set interface bgroup0 port ethernet0/2
set interface bgroup0 port ethernet0/3
set interface bgroup0 port ethernet0/4
set interface bgroup0 port ethernet0/5
set interface bgroup0 port ethernet0/6



Product Name: SSG5-Serial-WLAN
Serial Number: 0xxxxxxxxxxxx, Control Number: 00000000
Hardware Version: 0710(0)-(00), FPGA checksum: 00000000, VLAN1 IP (
Flash Type: Samsung
Software Version: 6.2.0r1.0, Type: Firewall+VPN
Feature: AV-K
Compiled by build_master at: Wed Oct 15 18:36:36 PDT 2008
Base Mac: 0017.cb80.7480
File Name: screenos_image, Checksum: 89b9a9c6, Total Memory: 256MB

Date 03/13/2009 05:50:56, Daylight Saving Time enabled
The Network Time Protocol is Disabled
Up 0 hours 24 minutes 22 seconds Since 13Mar2009:05:26:34
Total Device Resets: 15, Last Device Reset at: 03/13/2009 05:15:23

System in NAT/route mode.


In the DEBUG output, I captured the following:

## 2009-03-13 06:01:41 : DHCP: got packet from if <ethernet0/1>.
## 2009-03-13 06:01:41 : DHCP (ethernet0/0): Received ack msg xid <ac823278> from IP 68.87.xx.xx (MAC 001d457xxxx): offer IP 98.xx.xx.xx

## 2009-03-13 06:01:41 : DHCP (ethernet0/0): bad transaction id, got <ac823278>, expect <1397c174>
## 2009-03-13 06:01:43 : DHCP (ethernet0/0):Client periodic check(1,0)
## 2009-03-13 06:01:43 : DHCP: HA (client) send (Release): (ethernet0/1)
## 2009-03-13 06:01:43 : DHCP: send_dhcp_pak enter src_ip: 0x0, dst_ip: 0xffffffff
## 2009-03-13 06:01:43 : DHCP: packet send to outif <ethernet0/1>.
## 2009-03-13 06:01:43 : DHCP (ethernet0/0): Discover xid<1397c175>.
## 2009-03-13 06:02:01 : DHCP: got packet from if <ethernet0/1>.
## 2009-03-13 06:02:01 : DHCP (ethernet0/0): Received offer msg xid<05c76374> from IP 68.87.xx.xx (MAC 001d457xxxx): offer IP 73.xx.xx.xx

## 2009-03-13 06:02:01 : DHCP (ethernet0/0): bad transaction id, got <05c76374>, expect <1397c175>


The bad transaction ID seems like the root of my problem I'm guessing. *sigh*  The NS5GT was more forgiving. Unfortunately, the cable modem does not have any firmware updates available.  Does anyone know how to get the SSG5 to be more forgiving and work? Thanks.


      ~ Lester ~

Message Edited by lesterw on 03-13-2009 02:38 PM
Accepted by topic author lesterw
‎08-26-2015 01:27 AM

Re: SSG-5 and DHCP Client - The solution!

‎03-13-2009 02:51 PM

After an exhausting search on the internet, I found others who experienced this same problem.  Amongst all of those, there was a gem. The problem is that some cable modems (LinkSys in my case) keep track of the MAC address to which they are connected.  I needed to unplug the cable modem for a couple of minutes (not just a quick unplug but long enough for the residual power to discharge).  Once I did that, it did the trick!