Solved: Re: VACL blocking Cell Phone DHCP

tylerphillippe · ‎04-10-2018

Hello all!

I have applied a VACL to VLAN 11 and everything works, except cell phones cannot get a DHCP address. Windows machines get an address just fine. Has anyone seen anything like this before? Any ideas based off my config? It is setup to allow only IP traffic to the two remote sites, IP traffic to third domain controller for DHCP, IP traffic to the Internet and deny communication with anything else on the network.

Thanks!

tylerphillippe · ‎04-12-2018

I figured it out. I had to add this line to the config anywhere before the deny statements: permit udp 192.168.21.0 0.0.0.127 192.168.21.0 0.0.0.127 eq bootpc

It seems Windows doesn't "need" the final bootpc message to accept an address from a server, but Android does.

View solution in original post

tylerphillippe · ‎04-12-2018

BUMP... Anyone seen anything about this?

Thanks!

tylerphillippe · ‎04-12-2018

I figured it out. I had to add this line to the config anywhere before the deny statements: permit udp 192.168.21.0 0.0.0.127 192.168.21.0 0.0.0.127 eq bootpc

It seems Windows doesn't "need" the final bootpc message to accept an address from a server, but Android does.