IP Address conflicts

I have a new 2008 server in my DMZ to replace a server I am removing. I gave the new server the IP address of the old, and took the old server off line.

The server 2008 thinks there is a duplicate IP on the network and will not connect. I can give it any other address and it works fine.

I flushed all the caches and rebooted several times. I can't ping the address it thinks is still out there.

I'm sure this is a problem with the new server. Any ideas?

Find more posts tagged with

SAVE $250 on Your Microsoft Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Microsoft Boot Camps

Comments

dynamik

Try going to the network connection itself and choosing diagnose. The performs a battery of tests and cleans out other areas you may have overlooked. Any chance you have multiple NICs in that machine and accidentally assigned that IP to two of them?

it2b

I did the diagnose and repair, but no dice. There is a second NIC, but it's not configured and disabled at present.

I'm wondering if I should disable APIPA. I read there is a reg hack for that in W2K8. IPCONFIG shows the server giving itself an APIPA address as (prefered) and my static address with (Duplicate).

it2b

Solution after a call to MS and the company who manages our Firewall:
Disable proxy arp on the firewall
Add IP address to the server
Enable proxy arp on the firewall.

Life is good again.

dynamik

Weird. I hadn't heard of that happening before. Thanks for posting the solution

jamesp1983

hmm, interesting

RobertKaucher

it2b wrote: »

Solution after a call to MS and the company who manages our Firewall:
Disable proxy arp on the firewall
Add IP address to the server
Enable proxy arp on the firewall.

Life is good again.

I was actually going to suggest flushing the arp cache on your firewall. Glad I was right, but it sucks I didn't get to post it before you found the answer! I have seen this exactly once before and it was proxy arp.

What brand is the firewall?

it2b

It's an older Cisco Pix I believe.

dynamik

RobertKaucher wrote: »

I was actually going to suggest flushing the arp cache on your firewall. Glad I was right

Oh yea, it's really easy to declare you're right after the solution was posted, isn't it?

RobertKaucher

dynamik wrote: »

Oh yea, it's really easy to declare you're right after the solution was posted, isn't it?

It sure is!

it2b

Hey, guess what? When you re-enable proxy arp and the server gets rebooted, you get the problem back.

My Cisco guys blames server 08. Microsoft blames the PIX firewall.

Funny thing is, I can give the address in question to an XP laptop and a W2K server and they don't have the issue.

The problem is very similar to this old article I found:
Event IDs 8032 and 8021 are recorded, and you cannot contact a Windows 2000-based computer on your local network segment

I need Proxy ARP enabled so we can copy files to and from the internal network to the DMZ server.

it2b

The problem might be that our IOS in the PIX is too old...

The proxy ARP feature in the PIX 500 Series Firewall with software version 6.x creates communication issues in the local LAN
The proxy ARP feature in the PIX 500 Series Firewall with software version 6.x creates communication issues in the local LAN - Ciscowiki

it2b

This appears to have worked after a reboot without having to touch the PIX:

For conflict detection, the client computer uses the Address Resolution Protocol (ARP) request to determine whether the IP address is being used. However, a ProxyArp device might incorrectly answer the ARP request, and an IP address conflict is reported.
When this problem occurs, the ProxyArp device responds to all ARP requests.
To work around this problem, we can turn off gratuitous ARP by setting the value of the ARPRetryCount registry entry to 0. To do this, follow these steps.

1. Click Start , type regedit in the Start Search box, and then press ENTER.
2. Locate the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
3. On the Edit menu, point to New , and then click DWORD Value .
4. Type ArpRetryCount .
5. Right-click the ArpRetryCount registry entry, and then click Modify .
6. In the Value data box, type 0 , and then click OK .
7. Exit Registry Editor.
(reboot)