Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
311
Views
0
Helpful
1
Replies

ASA 5550 on a stick with DHCP relay

ruud.manders
Level 1
Level 1

‎01-22-2014 12:36 AM - edited ‎03-11-2019 08:34 PM

Hi all,

I need to implement an ASA 5550 for firewall purposes.

The current design is:

        CORE

          / \

          |  |  10G

         /   \

         DIST

         | | | |  1G

        Multiple

        Access

The ASA is only firewalling for a few VLANs.

The Inside interface of the firewall is connected to the DIST with a trunk, subinterfaces are defined for the VLANs.

The Outside interface of the firewall is connected to the DIST with a L3 connection.

A default route is configured.

Now i have the following issue:

DHCP is required on the VLANs behind the firewall, so i enabled DHCP relay.

The packets are arriving at the DHCP server, then at the Outside interface and then they got lost.

The IP address of the subinterface isnt reachable from the outside network.

If i set a host with a static ip, everything works just fine.

Any ideas how to get the DHCP relay working or should i implement the ASA differently?

Thanks.

Regards,

Ruud

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎01-22-2014 01:15 AM

Hi,

I have not had to configure the DHCP Relay that often and when I have had to then there usually has been no problems. Been a pretty basic setup.

Maybe this document might help you troubleshoot your situation

http://www.cisco.com/en/US/products/ps12726/products_configuration_example09186a0080c144d0.shtml

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card