I’ve experienced strange behaviour on a Sonicwall firewall I have at a client. All of a sudden last week all network connections dropped at this specific location. After some troubleshooting it appeared an unknown MAC-address stole the fixed IP-addresses of both the Exchange server and the TS-server causing major outages.
The eventlog of those machines states that there was an IP-conflict with a certain MAC-address and so they lost their network. The other machine states the exact same MAC-address for the cause of it’s IP-confligt. The strange thing however is I’m not using that specific MAC-address. I do however am using a Sonicwall firewall with a one digit difference.
It came to my attention that the building that this firewall is located in has had a power surge (No UPS) of 380V where it normally would be 220V. Several machines were broken (microwaves, lights, …) were broken but the firewall kept on working.
Is it possible that the MAC-address got changed due to this power surge because I can’t find any other logical explanation why this address kept popping up in the logs? The vendor class is Sonicwall so that really narrows it down and I double checked ARP tables, MAC address tables.
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.