DHCP access-list router firewall DHCP: Received a BOOTREP pkt Not for us..

glenthms · ‎03-31-2006

Why do I keep getting this message?

DHCP: Received a BOOTREP pkt Not for us..: xid:??

My ACL is setup to allow the following into the internet facing interface.

ip access-list extended internet_in

permit icmp any any echo-reply

permit icmp any any unreachable

permit icmp any any administratively-prohibited

permit icmp any any packet-too-big

permit icmp any any time-exceeded

permit esp any any

permit udp any any eq isakmp

permit gre any any

permit icmp any any echo

permit udp any eq bootps any eq bootpc

deny ip any any log

Is there anything I can do to narrow down the ACL ? Or to I have to leave it wide open?

Richard Burts · ‎03-31-2006

Glen

I believe your situation is caused by this line in your access list:

permit udp any eq bootps any eq bootpc

I am puzzled why on an Internet facing interface you would permit BOOTP/DHCP? If there is some reason that you need to permit it on your Internet facing interface then you are probably stuck with these messages. If you do not need to permit it, then remove this line from the access list and I believe that the messages will stop.

HTH

Rick

HTH

Rick