Hello out there
I have a client that is using Windows 8 with a Window 2012 Server DHCP/DNS and the firewall is a S1104 running v8.3.0 and only the windows 7 pc's can get out to internet.
This is wierd, so if he adds a DHCP relaly will that help?
That is odd.
If the client machines and the 2012 server are on the same subnet I don't see that a DHCP relay will make any difference.
Are the Windows 7 machines getting DHCP credentials from the same 2012 server?
If so, I see no real reason why the Firewall would take exception to the Winodws 8 machines - unless it is failing to push out DNS or gateway IP addresses to these clients.
I'd suggest a couple of things.
Firstly make a note of the IP address of one of the Win8 clients and run the following command on the Firewall CLI:-
Now try to access the outside world from the machine and see if anything appears in the TCPdump output. If you see nothing then the traffic is never making it as far as the Firewall and something in the network settings/security settings of the client is blocking the connection, not the S1104.
If you do see traffic in the TCPdump, the next thing would be to have a look at the audit viewer screen on the Firewall Admin Console GUI and see what it has to say for itself.
Yes I agree, and I have done the tcpdump on the firewall on the internal interface and the weird thing is from the Windows 8 pc with a DHCP address the requests don't even hit the firewall, but if you put a static IP on the windows 8 pc it works no problem.
So, I'm thinking there is an issue on the DHCP server not giving out the correct gateway address or something to that effect.
This doesn't seem to be a firewall issue.
I'm inclined to agree with your conclusion. Either the wrong gateway, or no gateway address at all.
What does "ipconfig /all" return on a Win8/DHCP client?
Turns out he hand the wrong gateway in the DHCP server configuration.