Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7038
Views
0
Helpful
6
Replies

asa with dhcp and failover

jvardhan29
Level 1
Level 1

‎01-12-2011 03:00 AM - edited ‎03-11-2019 12:34 PM

hi ,

In the below document under Failover Configuration Limitations it is mentioned that the DHCP and PPPOE cannot be configured , so is it true for only Active Active or Active / standby also ?


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080834058.shtml

You cannot configure failover with these types of IP addresses:

IP addresses obtained through DHCP

IP addresses obtained through PPPoE

If this is only for the Active-Active , so in the case of A/S does the dhcpbindings and lease gets failed over from active to the peer device ( i.e stateful sessions ) or the bindings are renegotiated ?

Labels:
0 Helpful
6 Replies 6

Jennifer Halim
Cisco Employee
Cisco Employee

‎01-12-2011 03:45 AM

The statement is true for both Active/Standby as well as Active/Active failover.

The  reason why it's not working is because for failover to work, you would  need to have ip address on each of the ASA firewall so it can check the  state of the interface, and failover when it's faulty. When the ip  address is dynamically assigned whether it's through DHCP or PPPoE, you  will only be assigned 1 ip address, and the standby firewall will have  no ip address, and hence failover will not work.

0 Helpful

jvardhan29
Level 1
Level 1
In response to Jennifer Halim

‎01-14-2011 04:28 AM

thanks for answer . i agree to the same

If we cannot assign DHCP then there is a link which i was going thru and found that failover is configured with inside interface as the DHCP server

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_examples.html#wp1065283

so does that mean that with failover only the dhcp cleint feature cannot be configured but the dhcp server and relay can be configured . if yes then whether the same session of dhcprelay and server is replicated to failover ?

0 Helpful

jvardhan29
Level 1
Level 1
In response to jvardhan29

‎01-17-2011 12:55 AM

hi experts

any comments or views on this ?

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to jvardhan29

‎01-17-2011 01:01 AM

No, DHCP ip address lease information will not be replicated from active to standby firewall.

Here is what is being replicated through stateful failover link:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ha_overview.html#wp1078953

Hope that answers your question.

0 Helpful

jvardhan29
Level 1
Level 1
In response to Jennifer Halim

‎01-22-2011 05:38 AM

jennifer ,

thanks for answring , so can we say that dhcp server & relay can be configured with failover though the dhcp information will not be replicated to standby ?

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_examples.html#wp1065283

0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to jvardhan29

‎01-23-2011 06:45 AM

Not at the same time.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/dhcp.html#wp1116296

You cannot configure a DHCP client or DHCP Relay  services on an interface on which the server is enabled.

-KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card