Firepower DHCP-Relay

Jojje · ‎04-06-2023

Hi,

Im having issues with getting DHCP-Requests to my DHCP-server from a subnet in a different VRF working.

The setup looks like this:

Firewall the serves VRF-A, where DHCP-relay is configured with the following settings for DHCP-Relay Agent:
Interface: VRF-A
Enable IPv4-Relay: True
Set route: True

and the following settings for DHCP-Servers
Server: 172.22.0.70
Interface Transport

Its my understanding that the DHCP-request should come in to the firewall on VRF-A and then the firewall relays that request to the server on interface named "Transport"

The second firewall serving VRF-B is also configured with DHCP-relay, with the agent configured:
Interface: Transport
Enable IPv4-relay: True
Set route: True

And with the following settings for DHCP-Servers:
Server: 172.22.0.70
Interface: VRF-B

Then the firewall should receive the DHCP-Request on the Transport-interface and forward it to the DHCP-Server on Interface for VRF-B.

For some reason I cant seem to get an DHCP-address.

What am I doing wrong here?

MHM Cisco World · ‎04-06-2023

FW receive broadcast dhcp relay it add it interface IP to dhcp request' and other l3 device between fw relay and dhcp server will never modify the dhcp request'

So config dhcp server to for vrf-a not vrf-b.

Jojje · ‎04-06-2023

So if I understand you correctly, I should remove DHCP-Relay agent and DHCP-Server configuration from the FW handling VRF-B and only have the config for FW handling VRF-A?