New Member
Posts: 17
Registered: ‎07-12-2018

EdgeRouter 4, simple config, DHCP not working with macOS


New EdgeRouter 4 running 1.10.5, took the default configuration of eth0 WAN, eth1 LAN1, eth2 LAN2. Unmanaged switch connected to LAN1 with macOS machine connected to switch. Able to communicate with router fine if manually configuring the IP. Router is successfully routing WAN to LAN, works great.

 

DHCP servers enabled for LAN1 and LAN2. Have tried resetting router, restarting DHCP services, and connecting directly from Mac to router instead of through switch - no matter what I am not able to get a DHCP lease for the Mac, automatically or by forcing renew. DHCP authoritative is enabled (which was the default). Haven't changed any settings on router from defaults. Any ideas why this might not be working? Thanks.

 

SuperUser
Posts: 13,683
Registered: ‎10-06-2013
Kudos: 4546
Solutions: 1034

Re: EdgeRouter 4, simple config, DHCP not working with macOS

You'll be asked to post config to be looked at.

UK Comms & Links Engineer.


Come on you lot, Feel free to 'Mark as Solution' At least click the Kudos button. Thanks.


New Member
Posts: 17
Registered: ‎07-12-2018

Re: EdgeRouter 4, simple config, DHCP not working with macOS

firewall {                                                                      
    all-ping enable                                                             
    broadcast-ping disable                                                      
    ipv6-receive-redirects disable                                              
    ipv6-src-route disable                                                      
    ip-src-route disable                                                        
    log-martians enable                                                         
    name WAN_IN {                                                               
        default-action drop                                                     
        description "WAN to internal"                                           
        rule 10 {                                                               
            action accept                                                       
            description "Allow established/related"                             
            state {                                                             
                established enable                                              
                related enable                                                  
            }                                                                   
        }                                                                       
        rule 20 {                                                               
            action drop                                                         
            description "Drop invalid state"                                    
            state {                                                             
                invalid enable                                                  
            }
        }
    }
    name WAN_LOCAL {                                                            
        default-action drop                                                     
        description "WAN to router"                                             
        rule 10 {                                                               
            action accept                                                       
            description "Allow established/related"                             
            state {                                                             
                established enable                                              
                related enable                                                  
            }                                                                   
        }                                                                       
        rule 20 {                                                               
            action drop                                                         
            description "Drop invalid state"                                    
            state {                                                             
                invalid enable                                                  
            }                                                                   
        }                                                                       
    }                                                                           
    receive-redirects disable                                                   
    send-redirects enable                                                       
    source-validation disable                                                   
    syn-cookies enable
}                                                                               
interfaces {                                                                    
    ethernet eth0 {                                                             
        address dhcp                                                            
        description Internet                                                    
        duplex auto                                                             
        firewall {                                                              
            in {                                                                
                name WAN_IN                                                     
            }                                                                   
            local {                                                             
                name WAN_LOCAL                                                  
            }                                                                   
        }                                                                       
        speed auto                                                              
    }                                                                           
    ethernet eth1 {                                                             
        address 192.168.1.1/24                                                  
        description Local                                                       
        duplex auto                                                             
        speed auto                                                              
    }                                                                           
    ethernet eth2 {
        address 192.168.2.1/24                                                  
        description "Local 2"                                                   
        duplex auto                                                             
        speed auto                                                              
    }                                                                           
    ethernet eth3 {                                                             
        speed auto                                                              
    }                                                                           
    loopback lo {                                                               
    }                                                                           
}                                                                               
service {                                                                       
    dhcp-server {                                                               
        disabled false                                                          
        hostfile-update disable                                                 
        shared-network-name LAN1 {                                              
            authoritative enable                                                
            subnet 192.168.1.0/24 {                                             
                default-router 192.168.1.1                                      
                dns-server 192.168.1.1                                          
                lease 86400                                                     
                start 192.168.1.38 {                                            
                    stop 192.168.1.243
                }                                                               
            }                                                                   
        }                                                                       
        shared-network-name LAN2 {                                              
            authoritative enable                                                
            subnet 192.168.2.0/24 {                                             
                default-router 192.168.2.1                                      
                dns-server 192.168.2.1                                          
                lease 86400                                                     
                start 192.168.2.38 {                                            
                    stop 192.168.2.243                                          
                }                                                               
            }                                                                   
        }                                                                       
    }                                                                           
    dns {                                                                       
        forwarding {                                                            
            cache-size 150                                                      
            listen-on eth1                                                      
            listen-on eth2                                                      
        }                                                                       
    }                                                                           
    gui {
        https-port 443                                                          
    }                                                                           
    nat {                                                                       
        rule 5010 {                                                             
            description "masquerade for WAN"                                    
            outbound-interface eth0                                             
            type masquerade                                                     
        }                                                                       
    }                                                                           
    ssh {                                                                       
        port 22                                                                 
        protocol-version v2                                                     
    }                                                                           
}                                                                               
system {                                                                        
    host-name ubnt                                                              
    login {                                                                     
        user ubnt {                                                             
            authentication {                                                    
                encrypted-password ****************                             
            }                                                                   
            level admin                                                         
        }
    }                                                                           
    ntp {                                                                       
        server 0.ubnt.pool.ntp.org {                                            
        }                                                                       
        server 1.ubnt.pool.ntp.org {                                            
        }                                                                       
        server 2.ubnt.pool.ntp.org {                                            
        }                                                                       
        server 3.ubnt.pool.ntp.org {                                            
        }                                                                       
    }                                                                           
    syslog {                                                                    
        global {                                                                
            facility all {                                                      
                level notice                                                    
            }                                                                   
            facility protocols {                                                
                level debug                                                     
            }                                                                   
        }                                                                       
    }                                                                           
    time-zone UTC                                                               
    traffic-analysis {
        dpi enable                                                              
        export enable                                                           
    }                                                                           
}                                                                               
SuperUser
Posts: 13,683
Registered: ‎10-06-2013
Kudos: 4546
Solutions: 1034

Re: EdgeRouter 4, simple config, DHCP not working with macOS

Let's have a closer look. @dpurgert

New Member
Posts: 17
Registered: ‎07-12-2018

Re: EdgeRouter 4, simple config, DHCP not working with macOS

Well I went ahead and tried it with a Windows device and it works. Could be macOS's fault? The Mac was working fine with other DHCP servers though. I will assume the router is working and finish setting up the network.

SuperUser
Posts: 13,683
Registered: ‎10-06-2013
Kudos: 4546
Solutions: 1034

Re: EdgeRouter 4, simple config, DHCP not working with macOS

Looking through the config I could see no reason why you couldn't get a DHCP assigned address. Why it doesn't work with a Mac is something I can't answer.

 

Veteran Member
Posts: 7,239
Registered: ‎03-24-2016
Kudos: 1862
Solutions: 822

Re: EdgeRouter 4, simple config, DHCP not working with macOS

On ER CLI run:

sudo tcpdump -n -v -i eth1 port 67 or port 68

while trying to get IP address

Post output. Normally, answers are hidden in the packets.
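
An added example, not part of the original post and not Ubiquiti code: a Python script that reads saved text output from the tcpdump command above and reports, per client MAC, where the DHCP handshake (Discover, Offer, Request, ACK) stopped. The sample capture and MAC addresses are constructed, and the parser assumes tcpdump's verbose `Client-Ethernet-Address` and `DHCP-Message` detail lines.

```python
import re

MAC_RE = re.compile(r"Client-Ethernet-Address ([0-9a-fA-F:]{17})")
# Older tcpdump prints "Option 53", newer builds print "(53)".
MSG_RE = re.compile(r"DHCP-Message (?:Option 53|\(53\)), length 1: (\w+)")

def _pkt(ts, mac, msg):
    """One constructed packet, trimmed to the lines the parser reads."""
    return (f"{ts} IP (tos 0x0, ttl 64, proto UDP (17), length 328)\n"
            f"\t  Client-Ethernet-Address {mac}\n"
            f"\t    DHCP-Message Option 53, length 1: {msg}\n")

# Constructed capture: client ...:01 completes the handshake, ...:02 never gets an Offer.
SAMPLE = "".join(_pkt(ts, mac, msg) for ts, mac, msg in [
    ("12:00:01.000000", "02:00:00:00:00:01", "Discover"),
    ("12:00:01.010000", "02:00:00:00:00:01", "Offer"),
    ("12:00:01.020000", "02:00:00:00:00:01", "Request"),
    ("12:00:01.030000", "02:00:00:00:00:01", "ACK"),
    ("12:00:05.000000", "02:00:00:00:00:02", "Discover"),
    ("12:00:09.000000", "02:00:00:00:00:02", "Discover"),
])

def dhcp_messages(text):
    """Return [(client_mac, message_type), ...] from `tcpdump -n -v` text."""
    out = []
    # A packet starts on an unindented timestamp line; detail lines are indented.
    for packet in re.split(r"(?m)^(?=\S)", text):
        mac, msg = MAC_RE.search(packet), MSG_RE.search(packet)
        if mac and msg:
            out.append((mac.group(1).lower(), msg.group(1).upper()))
    return out

# Checked in order: the first message type present decides the verdict.
STAGES = [("ACK", "lease granted"),
          ("NACK", "server rejected the request (NACK)"),
          ("REQUEST", "Request sent, no ACK from server"),
          ("OFFER", "Offer sent, client never sent Request"),
          ("DISCOVER", "Discover seen, no Offer from server")]

def diagnose(text):
    """Map each client MAC to the point where its DHCP handshake stopped."""
    seen = {}
    for mac, msg in dhcp_messages(text):
        seen.setdefault(mac, set()).add(msg)
    return {mac: next((v for m, v in STAGES if m in msgs), "no handshake messages")
            for mac, msgs in seen.items()}

if __name__ == "__main__":
    for mac, verdict in diagnose(SAMPLE).items():
        print(mac, "->", verdict)
```

A client MAC that is missing from the result sent no DHCP packets that reached the captured interface, which points at the client or the cabling rather than the DHCP server.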

New Member
Posts: 17
Registered: ‎07-12-2018

Re: EdgeRouter 4, simple config, DHCP not working with macOS

I haven't tried tcpdump yet but I think this may be happening because I have mDNSResponder blocked completely on the Mac in question with Little Snitch.

Emerging Member
Posts: 50
Registered: ‎07-17-2018
Kudos: 4
Solutions: 2

Re: EdgeRouter 4, simple config, DHCP not working with macOS


Just food for thought...

 

I recently tried to connect a mac mini to a Unifi Switch-8 150W.  I was unable to immediately get any connectivity.  I decided to take a look through the Unifi controller and I could see the mac mini trying to connect periodically.  The port the mac mini was connected to would go green then have the 'No' sign (port being blocked) and then switch back to grey.  I realized after a few hours pulling out my hair that it was all due to a manually configured NIC on the mac mini and once I switched the NIC settings to auto all was well in the world once more.

 

Just my two cents as I spent hours thinking it was the Unifi gear.

 

Cheers! and good luck!
