DHCP issue
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2015 10:42 AM - edited 03-11-2019 11:11 PM
Client behing VRF gateway and firewall is not obtaining IP address.
below is the connectivity. IP helper address is configured on cisco6509 VRF vlan.
PC/Laptop ---->Cisco 6509---VRF(Vlan)--->Cisco 6513---->ASA firewall--->DHCP Server.
Gateway for PC/Laptop is 6509switch and DHCP server is connected on 6513.
Any connection to DHCP server has to pass through ASA firewall.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2015 12:31 PM
This may clarify the issue:
- You must be directly connected to the security appliance and cannot send requests through another relay agent or a router.
http://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116265-configure-product-00.html
Mike.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2015 12:36 PM
Hello Imtiaz,
If you are trying to pass relay DHCP request witin 6509-switch from one-vrf to global routing space on the same 6509-switch is not doable.
Is your 6509's interface which connects to 6513 in the same vrf as PC/Laptop vlan?
It is not, it has to be.
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2015 10:15 PM
Hi Rizwan
it is in same vrf. and vrf routes are toward firewall IP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2015 07:00 AM
Hello Imtiaz,
If you want to isolate certain segment of the network you can also use vlan-map, which is more flexible than vrf and private-vlans.
https://supportforums.cisco.com/discussion/11418361/isolated-vlan-implementation
This maybe helpfull to you.
thanks
