Event ID: 4199 Source: Tcpip

EventID.Net

EvLog Event Analyzer

Monitor unlimited number of servers
Filter log events
Create email and web-based reports

EventID.Net Subscription

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 4199 Source: Tcpip

Source

Tcpip

Level

Error

Description

The system detected an address conflict for IP address <ip address> with the system having network hardware address <MAC address>. Network operations on this system may be disrupted as a result.

English

This information is only available to subscribers. An example of English, please!

Concepts to understand

What is the MAC address?

Comments

Yahya Usman

You can determine the the vendor of the network card by using this site: EV100206 (www.hwaddress.com). For instance, this will help narrow down if it's a Dell pc or an Apple Mac.

EventID.Net

After you assign or change an IP address on a Windows Vista-based computer, the system searches the network for a computer that is already using this IP address. If the search reveals no computer that is already using this IP address, the IP address is officially assigned to the Windows Vista-based computer. This event occurs if another computer sends a ping message to the new IP address before the system finishes the search process. The system was not designed to be pinged while it is searching for a new IP address. See ME948363 for a hotfix applicable to Windows Vista.

Peter Van Gils

If you are using Double-Take:
- your source server crashed.
- during failover, the target server takes over the IP address of the source.
- the source server boots and claims its own IP address, resulting in an IP conflict, causing this error.
- the source server gets IP address 0.0.0.0 and is unreachable.
To prevent this, do not boot the source server until you have performed a failback on the target server. To prevent automatic reboots after a BSOD, go to My Computer -> Properties -> Advanced -> Startup and Recovery -> Settings, and disable "Automatically restart".

EventID.Net

The latest service pack for Windows NT 4.0 or Windows NT Server 4.0 will fix this problem. Check ME178550 for more details.

Glenn Russo

Microsoft SMS 2.0 can be used to create a query that will find the computer details (provided the computer has SMS client installed) given a MAC address. This can be done even after the IP address has been changed (the details are stored in the database).

EventID.Net

Self-explanatory. It is not easy to find the conflicting machine. If you use switches you can check the switch tables. You can also use a network analyzer in order to capture the MAC address of the conflicting machine.

Dpittsford

For Microsoft Windows users, try EV100207 for a free tool download: Advanced IP Scanner.

Private comment

Subscribers only. See an example of private comment

Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...

Custom search for *****: Google - Bing - Microsoft - Yahoo

Feedback

Send comments or solutions - Notify me when updated

Printer friendly

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.