I couldn't find a way to remove the dhcp configuration completely. If there is a command for it please let me know what it is.

I did get around this, but only temporarily. I changed the subnet of the inside interface to 255.255.0.0 and then changed the interface DHCP to 192.168.5.x-x then I changed the inside interface IP to a 192.168.5.x and changed the subnet back to 255.255.255.0 As far as I can tell this is a really retarded long way of going about it.

I still do need a solution since next year the network is going to 10.1.1.0/29

thanks.

'no dhcpd enable inside' should do the trick

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#wp1025497

We are really trying to keep you from shooting yourself in the foot here by not allowing a DHCP range to be in a different subnet than the subnet applied to the interface where the DHCP server is enabled. Perhaps we are a little too restrictive for people who know what they are doing...as evidenced by the problems you have had. I will forward this request along to see if we can modify this bahavior a little bit to make it more "user friendly". Nice creative work-around by the way.

Scott

I am running PIX version 6.3(1) and using no dhcpd enable inside does disable the internal dhcp server, but it will not allow you to change dhcp address, or ip address. I tried that before. For the sake of doing it I tried it again and still came up with the "interface address is not on same subnet at dhcp pool"

the pix I am configuring is a 10 license 501. The plan has been to get another one for the main office, probably a 525, and use 501's for the remote offices. Is this a restriction because of the licensing on this pix? I'm kinda stuck here cause if I cant change the lan ip to a 10.1. network I have a lot of reworking to do in our schema.

Thanks Scott. I was missing that command to remove the address range. I tried removing the range in the PDM before, but that didn't work.