https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227542#M349392 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The maximum size of a single DHCP Pool is 256 IP addresses. To be able to use so large pool would require your ASA interface where the DHCP is enabled to be larger than /24. With /24 mask network you can assing 253 IP address pools.</P><P></P><P>To my understanding each interface can only have one DHCP Pool and each Pool can be of the maximum size</P><P></P><P>The ASA is not that flexible as a DHCP server so usually its better to use some IOS router/L3 switch or an actual DHCP server.</P><P></P><P>Hope this helps <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN></P><P></P><P>Remember to mark the reply as the correct answer if it answered your question or ask more if needed <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN></P><P></P><P>- Jouni</P></BODY></HTML> Thu, 23 May 2013 10:47:05 GMT Jouni Forss 2013-05-23T10:47:05Z https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227541#M349388 <P>Hello.</P><P>I have a question on ASA dhcpd address restriction.</P><P></P><P>I've noticed that maximum available DHCP pool is restricted to 256 addresses.<BR /><A href="http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/basic_dhcp.html#wp1125257" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/basic_dhcp.html#wp1125257</A></P><P></P><P>Is it merely the restriction for dhcp pool per interface or restriction per device?</P><P></P><P>For example, let's say I have 5 interface with dhcpd enabled and have set the pool address as follows:</P><P></P><P><SPAN style="color: #0000ff;">dhcpd address 192.168.10.10-192.168.10.254 segment10 </SPAN><BR /><SPAN style="color: #0000ff;">dhcpd address 192.168.11.10-192.168.11.254 segment11 </SPAN><BR /><SPAN style="color: #0000ff;">dhcpd address 192.168.12.10-192.168.12.254 segment12 </SPAN><BR /><SPAN style="color: #0000ff;">dhcpd address 192.168.13.10-192.168.13.254 segment13 </SPAN><BR /><SPAN style="color: #0000ff;">dhcpd address 192.168.14.10-192.168.14.254 segment14 </SPAN></P><P></P><P>Which below is true?<BR />1. If 100 addresses are provided from segment10 and segment11, only 56 addresses are left available for rest of the segment.<BR />2. It's possible to provide 245 addresses per segment as configured. (device can provide 245*5 addresses to client.)</P><P></P><P>Thanks in advance!</P><P></P><P>Regards,</P><P>Saki</P> Tue, 12 Mar 2019 01:47:58 GMT https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227541#M349388 p.sarabande 2019-03-12T01:47:58Z https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227542#M349392 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The maximum size of a single DHCP Pool is 256 IP addresses. To be able to use so large pool would require your ASA interface where the DHCP is enabled to be larger than /24. With /24 mask network you can assing 253 IP address pools.</P><P></P><P>To my understanding each interface can only have one DHCP Pool and each Pool can be of the maximum size</P><P></P><P>The ASA is not that flexible as a DHCP server so usually its better to use some IOS router/L3 switch or an actual DHCP server.</P><P></P><P>Hope this helps <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN></P><P></P><P>Remember to mark the reply as the correct answer if it answered your question or ask more if needed <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN></P><P></P><P>- Jouni</P></BODY></HTML> Thu, 23 May 2013 10:47:05 GMT https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227542#M349392 Jouni Forss 2013-05-23T10:47:05Z https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227543#M349394 <HTML><HEAD></HEAD><BODY><P>Thanks Jouni,</P><P>But my question is about the amount of DHCP pool that can be used for device that has multiple interfaces. </P><P></P><P>interface gig0/0.10<BR /> vlan 10</P><P> nameif segment10 <BR /> ip address 192.168.10.1 255.255.255.0<BR /> security 100</P><P>!</P><P>interface gig0/0.11</P><P>nameif segment11</P><P>ip address 192.168.11.1 255.255.255.0</P><P>security 100</P><P>!</P><P>.... and so on.</P><P></P><P>Is there any clue? </P><P></P><P>Regards,<BR />Saki</P></BODY></HTML> Fri, 24 May 2013 00:57:58 GMT https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227543#M349394 p.sarabande 2013-05-24T00:57:58Z https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227544#M349396 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>As I said, I think the ASA can have 1 maximum size DHCP Pool per interface. The amount of interface shouldnt really matter.</P><P></P><P><STRONG>Quote from the Configuration Guide of ASA</STRONG></P><P></P><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><P>You can configure only one DHCP server on each interface of the ASA. Each interface can have its</P><P>own pool of addresses to use.</P></PRE><P></P><P>So basicly each interface can have a pool.</P><P></P><P>Hope this helps <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/emoticons/happy.gif"></SPAN></P><P></P><P>Remember to mark the reply as correct answer if it answered your question.</P><P></P><P>- Jouni</P></BODY></HTML> Fri, 24 May 2013 03:19:45 GMT https://community.cisco.com/t5/network-security/asa-dhcpd-address-restriction/m-p/2227544#M349396 Jouni Forss 2013-05-24T03:19:45Z