Hi,
I'm not sure if its just not possible to do that through 2 Security Context.
Have you tried to configure it and checked what happens between the 2 Security Context when a client is trying to get an IP address?
There should be no problem for this to work in a single context but to be honest I have never tried it in the setup you suggest. I'm not totally sure is there some difference in how it works compared to the "ip helper-address".
I've had to configure this only once in a FWSM. Other times the actual DHCP service has been on the FWSM. Or the user behind the context has had a router using "ip helper-address" to unicast the DHCP request to the servers.
Maybe you could try setting up "ip helper-address" on the actual core device?
Also wonder would it be possible to bring the server Vlan also to the Client Security Context so the first context can relay the DHCP request directly to the server Vlan? The documentation does talk about not being able to do this in shared Vlan situations but I understood the description so that the actual relay service cant be enabled on the shared Vlan but didnt mention about setting the server destination interface as a shared Vlan? Or maybe I'm mistaken.
- Jouni