Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3467
Views
0
Helpful
5
Replies

DHCP Relay problems

cbkirwan1
Level 1
Level 1

‎09-11-2018 05:33 AM - edited ‎02-21-2020 08:13 AM

Hey guys, so last weekend I had a problem when implementing 2 Cisco 5508X ASA's.  I had the routes correct, the VLANs being trunked, mac addresses on the interfaces and even thousands of hit counts on my rule sets.  Only problem was that I was not getting an address.  This firewall is used to segment our wireless traffic.  My wireless network's were not getting addresses and in the packet capture I wasn't seeing any DHCP requests coming through.  This firewall is identical to the old 5520's I'm pulling out.  The only thing different is now with the 5508's I have this DHCP Relay Interface Servers option.  Also there we're not hit's on my ACL rules for the DHCP either.  Any suggestions?  Places to look?

1 person had this problem
0 Helpful
5 Replies 5

Ajay Saini
Level 7
Level 7

‎09-11-2018 06:19 AM

So, the intention is to make the ASA act as a dhcp relay server for the clients to be able to get dhcp ip address from WLC. Do we have the dhcp relay configured?

 

Can you take following debugs:

 

debug dhcp event

debug dhcp packet

debug dhcp error

 

Also, share the relevant configuration from the ASA. 

 

If you can take wireshark captures from a client facing issues, please do that as well.

 

Regards,

 

Ajay

 

0 Helpful

cbkirwan1
Level 1
Level 1
In response to Ajay Saini

‎09-11-2018 06:26 AM

dhcprelay server X.X.X.X inside
dhcprelay server X.X.X.X inside
dhcprelay enable New_Handhelds
dhcprelay enable Laptops
dhcprelay enable Voice
dhcprelay enable Guest
dhcprelay enable Imptob-Corp
dhcprelay enable PLTHVAC
dhcprelay timeout 60

 

This is straight off the active firewall.  I had to back out so I don't have any captures.  The WLC is not acting as the DHCP server, we have dhcp for wireless going to windows servers.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to cbkirwan1

‎09-11-2018 06:37 AM

Where is your DHCP Server located, inside or outside ASA ?

 

worth looking this document and understand DHCP relay with ASA

 

https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116265-configure-product-00.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

cbkirwan1
Level 1
Level 1
In response to balaji.bandi

‎09-11-2018 06:40 AM

It is on the inside.  Thanks.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to cbkirwan1

‎09-11-2018 08:47 AM

when the request come in, check the trace logs is the DHCP request sent to DHCP Server ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card