Re: Cisco 2651 proxy DHCP request across PIX

donteh · ‎12-10-2002

All:

PPTP VPN client connections are established on a Cisco 2651 router. The 2651 router is conifgured to proxy DHCP requests, on the behalf of the VPN clients, to an internal DHCP server. A PIX has positioned between the 2651 router and the internal network where the DHCP server resides. Prior to the PIX the DHCP address assignment has been working. Following the PIX install it is not.

What config. changes need to be made to the 2651 router to make this work?

What access-list changes need to be made to the PIX to make this work?

Thanks!

smalkeric · ‎12-16-2002

ip address if_name dhcp [setroute]. Using this command the PIX Firewall will use DHCP to poll for information. Enables the DHCP client feature on the specified interface. For details refer:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00800ec9ea.html#xtocid7

The access list commands can be found at:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/ab.htm#xtocid7

However, Support for the DHCP server within the PIX Firewall is also possible. This means the PIX Firewall can use the DHCP to configure connected clients. This DHCP feature is designed for the remote home or branch office that will establish a connection to an enterprise or corporate network.

The dhcpd command controls the DHCP server feature.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/df.htm#38488

dista · ‎12-26-2002

the pix should relay the dhcp broadcasts to the dhcp server in order to achieve the desired result. but this is not going to happen, because the pix has no relay-agent functionality. according to another posting this should be available in 6.3. not earlier.

my suggestion: place a second dhcp-server between 2651 and pix, which will be able to respond to the remote client requests or configure the 2651 itself to do so.