07-09-2021 03:36 AM - edited 07-12-2021 11:24 PM
Hi! i configure a option 82 on a switch cisco 2960. A switch sending a packet with option 82
A format circuit-id is default : vlan-mod-port
A format remote-id is string
A dhcp received a packet in HEX but message is incorrect when we translate it in text.
So that we configure type remote-id like string that a message is correct.
But when circuit-id is default and in convertaion procces in text result is incorrect .
Can you help me with configure the circuit-id?
07-09-2021 03:46 AM
is the switch acting as DHCP Server ?
check below guide :
07-09-2021 04:45 AM
No, only access . Configure dhcp relay on our DHCP on WS2016. A Short network plan:
07-09-2021 03:07 PM
When dealing with options (43, 82) the hex conversion has to be done correctly and there are syntax around that. For option 43, the conversion tool at https://shimi.net/services/opt43/ works well, and takes out all the guesswork.
I'm not sure if there is a similar tool for option 82, but these two articles address option 82 hex and hex conversion.
https://mrncciew.com/2013/06/08/hex-to-string-conversion/
debug ip dhcp server class
https://mrncciew.com/2013/05/18/understanding-dhcp-option-82/
debug ip dhcp server packet detail
If this information helps or you find the solution, please update this thread.
07-10-2021 04:12 AM
SW-L3 FW-DHCP Server
SW will add Circuit-id
L3 FW as DHCP relay will add remote-id, so check the remote-id with the hostname of SW appear in FW.
this is what I know about the remote-id
07-12-2021 11:16 PM
Oh give me apoligaze i said no enought correct. A problem with circuit-id , sure. I need to know about vlan and port .
07-13-2021 03:26 AM
0x010600040014020A020F010D6D617230312D617377312D7331 = D6D617230312D617377312D7331 - mar01-asw1-s1 = remote-id
0x
01 - suboption
06 length 3 to 7
00 circut id type
04 length 5 to 7 octet
0014020A020F010 - vlan-mod-port = cirtcuit-id how to conver this hex message or how to configure that it will be to read.
For example on huawei switch a option 82 message is 0x01324769676162697445746865726E6574302F302F34363A36302E302074616730312D617377322D73312F302F302F302F302F30020648570248F990 to string 2GigabitEthernet0/0/46:60.0 tag01-asw2-s1/0/0/0/0/0HWH��
07-13-2021 04:17 AM
OK as I mention before,
FG delete the circuit-id and add it remote-id,
can you check if you config the port connect to SW as trust may be this make the FW trust the OP 82 circuit-id from SW.
07-14-2021 02:23 AM
Our firewall FG does not support option82 because we have a special firmware from our security service however we have the same firewall FG but with huawei switch and option82 recived correctly. Sure it's may be for reason of unsupport option82 from Firewall FG...But i want to know whay it really from it.
07-14-2021 02:15 PM
so your Agent-Circuit-id
0004001e0227
0001e = VLAN 30
is that right if we in right way.
07-15-2021 01:04 AM
Yes, that right, vlan id is 30 but where are you got that circuit-id 0004001e0227? may be you mean 00040001e0212 like on a screenshot?
07-15-2021 02:57 AM
and please explain me how you convert 0001e to vlan 30 ?
07-15-2021 06:44 AM
I attach each vendor how it build agent-circuit-id,
for how
only hex to decimal
001e = 30 <- and this for cisco agent-circuit-id is for vlan and hence is vlan 30
07-16-2021 12:02 AM
soo if i want to get a result from circuit-id i need to convert circuit-id to decimal? Okay so what next? 0227 what is?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide