Routing

last person joined: 3 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  SSG-5 and DHCP Client

    Posted 03-13-2009 13:55

    I have a SSG-5-SH-W-US and I cannot get the DHCP client to work with my Comcast LinkSys Cable modem. I upgraded from an old NS5GT which worked great but the SSG-5 just won't pick up an IP address. I've reset the unit and even used just the wizard to configure it (with no other options, using all defaults), to no avail.  I checked the port ethernet0/0 and it seems to work fine.

     

    The interfaces are defined as follows:

     

    set interface eth0/0 zone untrust
    set interface eth0/0 dhcp-client enable
    set interface eth0/1 zone dmz
    set interface eth0/1 ip 192.168.10.1 255.255.255.0
    set interface bgroup0 zone trust
    set interface bgroup0 ip 192.168.1.1 255.255.255.0
    set interface bgroup0 manage
    set interface bgroup0 port ethernet0/2
    set interface bgroup0 port ethernet0/3
    set interface bgroup0 port ethernet0/4
    set interface bgroup0 port ethernet0/5
    set interface bgroup0 port ethernet0/6

     

     

    Product Name: SSG5-Serial-WLAN
    Serial Number: 0xxxxxxxxxxxx, Control Number: 00000000
    Hardware Version: 0710(0)-(00), FPGA checksum: 00000000, VLAN1 IP (0.0.0.0)
    Flash Type: Samsung
    Software Version: 6.2.0r1.0, Type: Firewall+VPN
    Feature: AV-K
    Compiled by build_master at: Wed Oct 15 18:36:36 PDT 2008
    Base Mac: 0017.cb80.7480
    File Name: screenos_image, Checksum: 89b9a9c6, Total Memory: 256MB

    Date 03/13/2009 05:50:56, Daylight Saving Time enabled
    The Network Time Protocol is Disabled
    Up 0 hours 24 minutes 22 seconds Since 13Mar2009:05:26:34
    Total Device Resets: 15, Last Device Reset at: 03/13/2009 05:15:23

    System in NAT/route mode.

     

    In the DEBUG output, I captured the following:

    ## 2009-03-13 06:01:41 : DHCP: got packet from if <ethernet0/1>.
    ## 2009-03-13 06:01:41 : DHCP (ethernet0/0): Received ack msg xid <ac823278> from IP 68.87.xx.xx (MAC 001d457xxxx): offer IP 98.xx.xx.xx

    ## 2009-03-13 06:01:41 : DHCP (ethernet0/0): bad transaction id, got <ac823278>, expect <1397c174>
    ## 2009-03-13 06:01:43 : DHCP (ethernet0/0):Client periodic check(1,0)
    ## 2009-03-13 06:01:43 : DHCP: HA (client) send (Release): (ethernet0/1)
    ## 2009-03-13 06:01:43 : DHCP: send_dhcp_pak enter src_ip: 0x0, dst_ip: 0xffffffff
    ## 2009-03-13 06:01:43 : DHCP: packet send to outif <ethernet0/1>.
    ## 2009-03-13 06:01:43 : DHCP (ethernet0/0): Discover xid<1397c175>.
    ## 2009-03-13 06:02:01 : DHCP: got packet from if <ethernet0/1>.
    ## 2009-03-13 06:02:01 : DHCP (ethernet0/0): Received offer msg xid<05c76374> from IP 68.87.xx.xx (MAC 001d457xxxx): offer IP 73.xx.xx.xx

    ## 2009-03-13 06:02:01 : DHCP (ethernet0/0): bad transaction id, got <05c76374>, expect <1397c175>

     

    The bad transaction ID seems like the root of my problem I'm guessing. *sigh*  The NS5GT was more forgiving. Unfortunately, the cable modem does not have any firmware updates available.  Does anyone know how to get the SSG5 to be more forgiving and work? Thanks.

     

          ~ Lester ~

    Message Edited by lesterw on 03-13-2009 02:38 PM


  • 2.  RE: SSG-5 and DHCP Client
    Best Answer

    Posted 03-13-2009 14:51

    After an exhausting search on the internet, I found others who experienced this same problem.  Amongst all of those, there was a gem. The problem is that some cable modems (LinkSys in my case) keep track of the MAC address to which they are connected.  I needed to unplug the cable modem for a couple of minutes (not just a quick unplug but long enough for the residual power to discharge).  Once I did that, it did the trick!