04-12-2017 05:13 AM - edited 03-12-2019 02:12 AM
I am running an ASA5506x in FTD mode. Managing it with FDM. I can't seem to find an option to create a DHCP relay. I have found documentation on how to do it with FMC so I assume that it is possible with FTD. Any idea if there is a way?
Solved! Go to Solution.
04-13-2017 07:27 AM
You can create DHCP relay services in Firepower Threat Defense (FTD) through FMC.
http://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200475-Configure-DHCP-Server-Relay-on-FTD-Using.html
04-13-2017 07:27 AM
You can create DHCP relay services in Firepower Threat Defense (FTD) through FMC.
http://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200475-Configure-DHCP-Server-Relay-on-FTD-Using.html
04-13-2017 07:30 AM
Thanks. I assume by that answer that we can't add them through FDM or CLI? I don't have FMC at the moment and I wasn't planning on getting it.
07-03-2018 06:10 AM
Hello, did you ever find a way to add dhcp relay/helper to FTD? I need the same thing. Thanks
11-19-2020 11:33 AM
I always assume the requester isn't using FMC, because there are a number of complex challenges with FMC use. I've abandoned FMC in favor of CDO, myself because of the connectivity requirements with FMC.
10-14-2021 08:20 AM - edited 10-14-2021 08:21 AM
I am sure the requirement is to configure it through FDM not FMC. in order to configure dhcp relay, i need to buy a physical server, install FMC, buy FMC license (if any), purchase hardware protection for physical server, pay someone who knows how to manage VMs and reconfigure the whole firewall, because you cannot seamless convert fdm to fmc, just in order to get DHCP reply function? Maybe another good choice is to purchase a firewall from another vendor.
10-14-2021 09:07 PM - edited 10-14-2021 09:09 PM
There's no need to run FMC for this feature.
The dhcprelay feature for FDM-managed FTD devices was available via Flexconfig through version 6.7.
7.0 deprecated that in favor of API-based configuration.
It will be incorporated into the FDM GUI natively in version 7.1, due out next month.
08-07-2019 04:18 AM
I used FlexConfig with Flex Object:
dhcprelay server <dhcp_server_IP> <server_interface_name>
dhcprelay setroute <relay_interface_name>
dhcprelay enable <relay_interface_name>
FDM will not let you have any dhcp server (DHCPD) running on vFTD image.
Erase all DHCP server (DHCPD) configuration befor apply dhcprelay to FlexConfig.
Filip
12-12-2019 08:37 AM - edited 12-12-2019 09:20 AM
02-18-2020 06:57 AM
09-27-2020 11:51 AM
To help clarify here is the process that you need to follow:
*note <server_interface_name> and <relay_interface_name> reference the Logical Name - ex. inside
*note you need to put the relay interface information for all interfaces you would like relayed
*note you can only use either relay or internal DHCP server. You cannot use them at the same time.
1. Create the FlexConfig Objects listed above
dhcprelay server <dhcp_server_IP> <server_interface_name>
dhcprelay setroute <relay_interface_name>
dhcprelay enable <relay_interface_name>
2. add the new DHCP-Realy FlexConfig Object to the FlexConfig Policy
- the FlexConfig Policy makes the object active
3. disable all dhcp server scopes
4. deploy
5. test
11-19-2020 03:16 PM
dhcprelay setroute <relay_interface_name> - this is unnecessary
10-18-2021 11:52 AM
Hi, I know it's slightly old, but as it's one of the first hits that's flagged in Google, thought I'd mention that flexconfig is not available in v7, going API crazy and it's a bit more of a mission to implement dhcprelay and a few other commands, snmp, in the FDM for what used to be a very simple few lines
Reverted the test kit to 6.6 instead and completed in seconds.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide