04-25-2012 07:32 AM - edited 03-11-2019 03:58 PM
Hello everybody.
I am facing a problem.
DHCP is active on the INSIDE interface.
However i get the following log messages:
UDP request discarded from 192.168.1.254/67 to INSIDE:192.168.1.1/67 |
dhcpd address 192.168.1.2-192.168.1.249 INSIDE dhcpd dns 8.8.8.8 8.8.4.4 interface INSIDE dhcpd lease 36000 interface INSIDE dhcpd enable INSIDE
The dhcpd state shows inside as active.
I really dont get, why it doesnt get an offer back.
04-25-2012 07:59 AM
Hi,
Shouldn't the source address for the request be "0.0.0.0" and not an actual IP address from the same subnet?
Or is some network device forwarding initial DHCP messages to the ASA?
There shouldnt be many things that could be wrong with the DHCP on ASA. Either you use DHCP for hosts that are connected to the ASAs interface running the DHCP or you are using dhcprelay on the ASA to relay the DHCP messages to an actual server.
- Jouni
04-25-2012 08:02 AM
Hi Jouni,
basically the requests commning from a wireless controller. thats why its not 0.0.0.0.
If i connect a host directly to the ASA i get a DHCP. I would like to use the ASA as DHCP over the wireless controller.
04-25-2012 10:16 AM
Hello,
Do you have any logs while the issue happens, I mean we can see on that monitor tool that you were dropping packets but we will need to see what the logs say to determine why this happens.
Regards,
Julio
04-25-2012 10:46 AM
Hi Julio,
the only log message i see (that is related to this), is the one i posted:
UDP request discarded from 192.168.1.254/67 to INSIDE:192.168.1.1/67
04-25-2012 10:54 AM
Hello,
hmm it got to be something else, I mean that log does not show that the Interface went down it only shows that a UDP packets was not allowed to traverse the ASA due to the Accelerated Security Path ( ASP algorithm)
Regards,
Julio
03-07-2013 06:10 AM
I am having the same issue, did you find any solution for this...
Below is my config
dhcpd dns 208.67.222.123 208.67.220.123
dhcpd lease 43200
dhcpd ping_timeout 20
dhcpd option 3 ip 172.16.8.1
dhcpd address 172.16.8.40-172.16.8.167 guest
dhcpd enable guest
and the logs..
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
%ASA-7-710005: UDP request discarded from 172.16.8.201/67 to guest:172.16.8.1/67
172.16.8.201 is the wireless controller and 172.16.8.1 is the Firewall Guest interface
Siddhartha
03-07-2013 08:11 AM
found the issue.
ASA s don't support Unicast DHCP requests, thts why its discarding the proxied DHCP requests from the wireless controller.
work around- Disable DHCP proxy on the controller ( its a global setting not a per WLAN setting)
https://supportforums.cisco.com/thread/2178369
Siddhartha
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: