cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4230
Views
8
Helpful
11
Replies

ASA DHCP Relay Feature

jonix.niebla
Level 1
Level 1

Hi,

I'm trying to remove the DHCP services from the ASA, thus I also need to enable the DHCP relay server feature. Do I have to disable the DHCPD config also for the management interface?

Thanks.

11 Replies 11

Marwan ALshawi
VIP Alumni
VIP Alumni

the following example will help u under stand the requiremnt

DHCP Relay Example

A DHCP relay is configured to accept DHCP requests from clients on the inside interface and

relay them to the DHCP server at 192.168.1.1 on the DMZ interface. The firewall waits 120

seconds for a reply from the DHCP server. The firewall's inside interface address is given to the

clients as a default gateway. You can use the following commands to accomplish this:

Firewall(config)# dhcprelay server 192.168.1.1 dmz

Firewall(config)# dhcprelay timeout 120

Firewall(config)# dhcprelay setroute inside

Firewall(config)# dhcprelay enable inside

if helpful Rate

Thank you. One more thing though, is it possible to have dhcprelay and dhcpd configuration active on your ASA?

Thanks again.

u can but they shoud operate in diffrent interfaces

if helpful rate

good luck

thank you very much

Hi,

Unfortunately this is not possible.I am not sure why you were told yes by marva :

########

ASA5510-Single(config)# sh ip

System IP Addresses:

Interface Name IP address Subnet mask Method

Ethernet0/1 inside 192.168.16.9 255.255.255.128 CONFIG

Management0/0.2 newsubnet 10.10.0.7 255.255.255.224 CONFIG

Current IP Addresses:

Interface Name IP address Subnet mask Method

Ethernet0/1 inside 192.168.16.9 255.255.255.128 CONFIG

Management0/0.2 newsubnet 10.10.0.7 255.255.255.224 CONFIG

ASA5510-Single(config)# dhcprelay server 192.168.1.1 newsubnet

ASA5510-Single(config)# dhcprelay timeout 120

ASA5510-Single(config)# dhcprelay setroute inside

ASA5510-Single(config)# dhcprelay enable inside

ASA5510-Single(config)# dhc

ASA5510-Single(config)# dhcpd ena

ASA5510-Single(config)# dhcpd enable inside

DHCP: Interface 'inside' is currently configured as RELAY SERVER and cannot be c hanged to a SERVER by a SERVER feature

ASA5510-Single(config)# dhcpd enable newsubnet

DHCP: Interface 'newsubnet' is currently configured as RELAY and cannot be chang ed to a SERVER by a SERVER feature

###############

Regards,

Sushil

i said they should operate in diffrent interfaces

if hte relay is on the inside u may use the firewall as dhcp server for the dmz network

ofcourse u cant use the same interface as both

relay trnslate the broadcast to unicast for the dhcp server and dhcp server anser for client request

in the above example,I tried setting dhcpd on both the interfaces,dmz ( newsubnet in my example ) and inside.None of that works.I know there is a documentation error or cco.But it never worked for me.....tested this a lot during my ccie prep. :)

Regards,

Sushil

Suhil

thefollowing config example i have just done it

interface inside firewall as dhcp server

dmz is dhcprelay to a server on dmz1

dhcpd address 192.168.1.1-192.168.1.10 inside

!

dhcprelay server 10.1.1.1 dmz1

dhcprelay enable dmz

dhcprelay timeout 60

!

but U were right !!

pixfirewall(config)# dhcpd enable inside

Can't start DHCP daemon - DHCP Relay Agent is running.

logicaly sounds ok but practicly not

thanks for pointing me out

Sir,

Please enable the dhcp server on inside.By just defining a scope does not enable dhcp server on inside.

Try adding :

dhcpd enable inside

You would know what I am saying...

Regards,

Sushil

it sounds we overlaping in the posts i changed the post read the one above again

and i rated u as well :)

thansk

Great,

Glad to share.Have a nice one.

Regards,

Sushil

Review Cisco Networking for a $25 gift card