Thanks amikat, I will give it a try. I have a similar setup but wasn't getting IPv4 addresses via DHCP relay. The 1941 is also DHCP sever for two other directly connected subnets (10.1.2.0 & 10.1.3.0). I assumed that it would only provide 10.1.5.0 addresses on the link between it & the ASA and not to the LAN (10.1.1.0) on the inside of the ASA.

Amikat, I cannot seem to get this DHCP relay happening. My config on the ASA:

dhcprelay server 10.1.5.5 WAN
dhcprelay enable LAN
dhcprelay setroute LAN
dhcprelay timeout 60
dhcprelay information trust-all

Clients are on the LAN interface (10.1.1.0/24). The 1941 config:

ip dhcp excluded-address 10.1.1.1 10.1.1.99
!
ip dhcp pool 10
 import all
 network 10.1.1.0 255.255.255.0
 dns-server 192.231.203.132 192.231.203.3 
 default-router 10.1.1.1 
 domain-name 10.bde.lan
 option 42 ip 1.9.4.1 
 lease 0 8
!

Clients connected directly to the 1941 on VLAN10 can all obtain an IP address via DHCP. Clients connected to the ASA LAN interface cannot.

Finally you just check that NAT and ACLs applied to the interfaces do not interfere with DHCP and you are done.

I have no ACLs applied to any interface apart from NAT:

object network dynnat.obj
 range 10.1.5.10 10.1.5.254
 description for_nat
!
object-group network inside_subnets.net.obj
 description for_nat
 network-object 10.1.1.0 255.255.255.0
!
nat (any,WAN) source dynamic inside_subnets.net.obj dynnat.obj
!

All clients are able to ping the internets when allocated static IP addresses. Am I missing something?

Hi,

Thanks for the feedback. Have you set the static route back to the ASA LAN at Router as indicated in my mail? Can you please post the "show ip dhcp binding" command output (R1941).

Thanks & Regards,

Antonin

Thanks Amikat, I have wiped the ASA 5550's config as it was all over the shop and getting too complex. I have started again and when it is up & running I will post as you have requested.

Thanks for that. I set the static route as described and that seemed to fix it.