I'm facing a puzzling DHCP issue where a device retains its IP address even after switching VLANs. This happens for both wired and wireless connections. For instance, when a device tries to connect to our Guest Network, it still has the Corporate address on its NIC. I've verified the IP helper-addresses, checked firewall rules, and tested devices that aren't on the Corporate network, which worked fine with DHCP. However, using ipconfig /release /renew doesn't change a thing. We're running DHCP servers on Server 2025 and Server 2022, but I'm not sure if that's relevant. Any insights would be greatly appreciated!
4 Answers
Make sure the scopes are set up correctly and that the subnet masks are not overlapping between the two servers. You might want to use a network sniffer to observe what's happening when the device changes networks. Ideally, if a device switches, the server should issue a NACK, triggering the full DORA process. If you're getting an ACK, there might be a misconfiguration with the scopes or subnet.
The fact that `ipconfig /release /renew` isn’t doing anything suggests that the VLAN change isn't effective at the network layer. Check the switch port or AP client table after moving the device to confirm that the VLAN is genuinely changing. If possible, run a Wireshark capture during the DHCP exchange to see what's going on—this can clarify if it’s a server or infrastructure issue. My guess is that the switch port or AP isn’t actually transitioning to the Guest VLAN, causing the DHCP behavior you're seeing.
I usually see this issue when there's a MAC reservation for that device. If it's already assigned an IP, it won't get a new lease until the existing one is released or has expired. Double-check if there are any reservations for that MAC on both DHCP servers and remove them if necessary.
A couple of things come to mind. First, check if your DHCP servers for the Guest and Corporate networks share a common interface and if the Corporate network's range is replicated for failover with the Guest network server. If your network does DHCP snooping or relaying, it might be providing the existing lease back to the same MAC address. To test it, connect the device to the Corporate network, see if there's an existing lease on the DHCP server, release it if there is, and then connect to the Guest network to see if it gets the correct IP.
Thanks for the detailed advice! I'll check those VLAN assignments and see if I can capture the traffic to further diagnose the issue.