

Renewing DHCP Discussion on FDM

So, this is an old issue I brought up roughly two years ago, and I still don't see an end in sight.
DHCP configuration limitations inside the NGFW through FDM are still lame. The lack of these two crucial features to me is debilitating.

  1. Cannot configure per-DHCP pool DNS servers.
  2. Cannot configure a hybrid of DHCP pools and DHCP-Relay agents.

As a result, we left Cisco competitor firewalls at each site to continue performing DHCP duties (which the Cisco firewalls were to replace). Now, I get it that firewalls aren't typically the solution to the DHCP challenges, but Cisco doesn't seem to realize the need for supporting these flexibilities at smaller sites where only a firewall is the router and perimeter security. While there are some other ways around these challenges, Cisco has deliberately crippled one of the most useful functions of a firewall at smaller sites where no servers exist (for security reasons, I might add).

Are there any reasonable alternatives aside from deploying a Raspberry Pi (which our security team will not allow for good reason)?

RFC 1925
VIP Guru

This is more of a feature request to the BU; if this is in demand in the market, the Cisco BU can consider and adopt it in the newer version of code.


Personally, this is more of FW, these features should be out of the box is best.





Thanks! So what do you suggest is the best alternative to this scenario without buying additional hardware, or weakening firewall rules?


  • BYOD requires separate DNS servers from employees.
  • Employees are in different security realms where some can use DHCP-Relay, while others can use a vanilla DHCP server.
  • We do not wish to deploy other OS-based systems at each site, which requires patching and additional support.

Thanks for your help.

RFC 1925