Hi There,
After managing to sort out my IPsec VPN tunnel to Azure, I am now stuck at another point which, for the life of me, I cannot figure out. Were it ASA-to-ASA, there is plenty of information on how this can possibly work; the problem is that the tunnel is with MS Azure.
The Goal: Allow clients on the internal network (10.1.1.0/24) to obtain IP addresses from a DHCP server in Azure (10.1.2.0/27).
The Sites:
Site 1 - Office:
Cisco 5505 ASA (behind a router 10.1.10.254, VPN ports 500 and 4500 forwarded to ASA)
Internal (inside interface) IP: 10.1.1.254
External (outside interface) IP: 10.1.10.136
Site 2 - Microsoft Azure:
DHCP server: 10.1.2.4
The Config:
There is a working IPsec site-to-site VPN between site 1 and site 2, and I have full control over the DHCP server from the on-prem network.
When I run:
dhcprelay server 10.1.2.4 outside
dhcprelay enable inside
dhcprelay timeout 60
access-list DHCP-Relay extended permit ip host 10.1.10.136 host 10.1.2.4
access-list DHCP-Relay extended permit ip host 10.1.1.254 host 10.1.2.4
I am still not able to obtain an IP Address.
Considering that the DHCP requests are leaving over the outside interface, I am assuming I need some extra rules, but I have no idea what they are.
Should there be a rule towards the Public IP Addresses?
Thank you in advance,
Niko