All,
Setup:
* EdgeRouter Light V1.9
* Cable Modem - Bridged
* Windows Server 2012 R2
* Mac Mini (UniFi Controller)
* Netgear Smart Switch PoE 24Port (Web access for extended setup with VLAN tagging)
Extended Setup:
EdgeRouter Light:
* DHCP Hosting (LAN and VLAN for guest)
* VLAN tagging for Guest network (closed network)
* Firewall Rules for Guest VLAN
Windows Server 2012:
* DNS Role for AD
* AD CS
* AD DS
* File Storage Services
* IIS
* Windows Server Essentials Role
IP ADDRESSES:
* EdgeRouter: 192.168.10.1
* Windows Server (DNS): 192.168.10.5
* UniFi Controller: 192.168.10.6
* VLAN Guest: 10.1.10.1
Issue: Clients within Active Directory with DHCP enabled are being placed out of network. Instead of receiving an IP of 192.168.10.100+, they are being issued an IP of 192.168.107.* with a gateway of 192.168.107.1. The connection-specific DNS value is "sandbox".
The issue also happens when connecting to Wi-Fi. UniFi controller DHCP is not enabled, with only VLAN tagging on the guest network.
If I set clients manually using a static IP in the DHCP scope, all is well and the network and domain are seen and accessible.
I did log in to the EdgeRouter with one client that was out of network, and the router does not show the client's address in the list of addresses under Traffic Analysis. I do see the IP in the UniFi controller.
The only things working specifically are the LAN printer, the payment terminal for credit card processing, and the VoIP phones. The guest network is also working flawlessly. There are firewall rules set specifically for just the VLAN.
I am not sure where to begin with this issue since everything seems set up correctly.
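As an added example (not code from the poster or from Ubiquiti), here is a small checker that parses DHCPOFFER payloads and flags any offer whose server identifier is not the EdgeRouter (192.168.10.1) or whose offered address falls outside 192.168.10.0/24, reporting the DNS suffix the offer carries. It assumes the EdgeRouter is the only intended DHCP server on the LAN; the sample packets are constructed to match the addresses in the post, not captured ones.

```python
import ipaddress

# Expected values from the post's setup; assumption: the EdgeRouter is the only intended DHCP server
EXPECTED_SERVER = ipaddress.ip_address("192.168.10.1")
EXPECTED_NET = ipaddress.ip_network("192.168.10.0/24")
MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header (RFC 2131)

def parse_dhcp(payload: bytes) -> dict:
    """Parse the BOOTP fields we need plus the DHCP option list (RFC 2132 code/length/value)."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 0:        # pad byte, carries no length field
            i += 1
            continue
        if code == 255:      # end of options
            break
        length = payload[i + 1]
        opts[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": payload[0], "yiaddr": ipaddress.ip_address(payload[16:20]), "options": opts}

def check_offer(payload: bytes) -> list:
    """Return findings for a DHCPOFFER that did not come from the expected server or scope."""
    msg = parse_dhcp(payload)
    opts = msg["options"]
    if msg["op"] != 2 or opts.get(53) != b"\x02":  # BOOTREPLY carrying message type 2 = DHCPOFFER
        return []
    findings = []
    server = ipaddress.ip_address(opts[54]) if 54 in opts else None    # option 54: server identifier
    suffix = opts[15].decode(errors="replace") if 15 in opts else ""   # option 15: DNS domain name
    if server != EXPECTED_SERVER:
        findings.append(f"offer from unexpected DHCP server {server} (DNS suffix {suffix!r})")
    if msg["yiaddr"] not in EXPECTED_NET:
        findings.append(f"offered address {msg['yiaddr']} is outside {EXPECTED_NET}")
    return findings

def build_offer(yiaddr: str, server: str, suffix: str = "") -> bytes:
    """Build a minimal DHCPOFFER payload for testing (constructed sample, not a capture)."""
    hdr = bytearray(236)
    hdr[0], hdr[1], hdr[2] = 2, 1, 6                 # BOOTREPLY, Ethernet, 6-byte hardware address
    hdr[16:20] = ipaddress.ip_address(yiaddr).packed  # yiaddr: the address being offered
    opts = b"\x35\x01\x02" + b"\x36\x04" + ipaddress.ip_address(server).packed
    if suffix:
        opts += b"\x0f" + bytes([len(suffix)]) + suffix.encode()
    return bytes(hdr) + MAGIC + opts + b"\xff"

if __name__ == "__main__":
    # Constructed samples: one offer from the router's scope, one matching the symptom in the post
    for pkt in (build_offer("192.168.10.100", "192.168.10.1"),
                build_offer("192.168.107.50", "192.168.107.1", "sandbox")):
        print(check_offer(pkt) or ["offer looks as expected"])
```

To run it against real traffic, feed `check_offer` the UDP payload of packets captured on port 68 (the client side) from a machine that gets the wrong lease.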