06-08-2024 05:44 PM
Hello, I need assistance concerning a little project of mine, so I've set up a firewall asa 5055 to automatically assign an ip address to each of the PC i have set in the packet tracer program but i keep getting the error "DCHP failed. APIPA is being used" when changing the pc state from static to dhcp, every switch is attributed the vlans and are all in trunk mode.
06-08-2024 07:23 PM
@Vasky hi, your ASA dhcp configured only for vlan1. your PCs are in different VLANs. if you configure switch port connected to VLAN1, DHCP will work. if you need DHCP for all VLANs, you need to configure sub interfaces in ASA for each vlan and enable DHCP.
06-08-2024 07:43 PM
@Kasun Bandara thank you for your answer sir, I understand what you're saying but I don't know how to do so, can you help me for one vlan so i can do the rest myself please, im not used to the commands yet (objective is DHCP for all vlans)
06-08-2024 07:56 PM
@Vasky hi unfortunately packet tracer doesnt support sub interfaces on ASA. in this case, you can configure vlans in ASA and bin d to different interfaces. and connect them to L3 switch using different cables and configure respective vlan at the switch.
06-08-2024 08:34 PM
@Kasun Bandara i'm still lost after bunch of failed tries haha, could you be kind enough to help me with this issue
06-08-2024 10:07 PM
@Vasky sure. below are the steps
1. configure VLANs you want in the ASA. and configure gateway ip for each vlan in the ASA VLAN interface. then assign that to the eth0/0, eth0/1.. etc. respectively.
2. connect those ports to L3 switch where your port 0/0 connected now. for ex. eth 0/0 > switch port 0/4, eth 0/1 > switch port 0/5, eth 0/2 > switch port 0/6, etc.
3. configure switch ports to relevelt VLANs respectively. for ex. port 0/4 > vlan 10,port 0/5 > vlan 20, port 0/6 > vlan 30
4. make sure to check access layer switch configured with correct VLAN where PC is belong to.
06-10-2024 12:03 AM
@Kasun Bandara shame to say but i failed, would you be kind enough to realize it and attach the pkt file in your free time? sorry for bothering.
06-10-2024 08:04 AM
@Vasky check the attached file. i used router instead ASA due to license limitation in packet tracer,
06-10-2024 11:08 PM
@Kasun Bandara hello, the DHCP seems to work fine now but i absolutely need it to be done with asa rather than the router
06-11-2024 06:23 AM
@Vasky hi, you cannot use ASA in packet tracer for this. its not support for this requirement. you can try real ASA but you need additional license to enable more than 3 VLANs. or you may need to try real FTD.
06-08-2024 08:51 PM
i have successfully created the concerned vlans (10 20 30 40) in ASA, so now i have the 4 vlans plus the vlan 1 (inside), the switches are set to mode trunk so i dont really know which vlan to switchport in the switches
06-12-2024 05:48 AM
Hello,
post the latest version of your Packet Tracer project file...
06-12-2024 12:44 PM
06-12-2024 02:12 PM
Hello,
the ASA in the file you sent has only two (1 and 2) Vlans...did you save the configuration (wr mem) ? Make sure the configuration contains the below:
interface Vlan10
no nameif
no security-level
ip address 10.10.10.10 255.255.255.0
!
interface Vlan20
no nameif
no security-level
ip address 20.20.20.20 255.255.255.0
!
interface Vlan30
no nameif
no security-level
ip address 30.30.30.30 255.255.255.0
!
interface Vlan40
no nameif
no security-level
ip address 40.40.40.40 255.255.255.0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide