Re: ASA blocking DHCP message requests

nothingbutme · ‎05-17-2024

Hi, I'm having some troubles with the network. I tried different setups and this is one I have got. I followed different setups found on internet and tried to connect everything accordingly, but when it comes to get IPs for PCs, the DHCP ends up failing for all but for one PC (Management PC). Tried to troubleshooting changing some settings but won't work. Have you got any idea where the trouble may be?
I know the ASA may be stopping the DHCP messages and I tried to configure the ASA accordingly, but when I tried, this is the message I have got from the ASA

ciscoasa(config)#access-list 101 permit ip 192.168.10.0 0.0.0.255 any

ERROR: IP address,mask <192.168.10.0,0.0.0.255> doesn't pair
ciscoasa(config)#access-list 101 permit ip 192.168.20.0 0.0.0.255 any
ERROR: IP address,mask <192.168.20.0,0.0.0.255> doesn't pair
ciscoasa(config)#access-list 101 permit ip 192.168.40.0 0.0.0.255 any
ERROR: IP address,mask <192.168.40.0,0.0.0.255> doesn't pair

I have attached PT's file for reference. Hope someone can help!

MHM Cisco World · ‎05-17-2024

The ACL of ASA use mask not wildcard like other router

Change it to

255.255.255.0 and check dhcp

MHM

nothingbutme · ‎05-17-2024

Changed to your settings, ACLs lists are up but still failing DHCP. I tried ChatGPT and it seems like I am missing the following command:

#access-group 101 in interface GigabitEthernet1/1 (missing command according to ChatGPT)

^

% Invalid input detected at '^' marker. (error from ciscoasa)