Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
351
Views
0
Helpful
5
Replies

Cisco 892FSP Router refuses to provide DHCP to new VLAN.

OpenTheSourc
Level 1
Level 1

‎04-30-2024 12:14 PM

I have my config attached. 

Essentially I have a VLAN I have been using for awhile: 192.168.6.0 

I am trying to add an additional VLAN in the form of: 192.168.20.0

I have mirrored the config as close as I can in order to get it all working, but it refuses to lease DHCP addresses to anything on the interface(s) on that VLAN. I spent a lot of time reading through forums and trying to research helper addresses and such that are mentioned in other posts to no avail. Hopefully someone can review my config and point out a simple mistake I am overlooking.

Finally I have a question about DHCP servers on the Router. Can I create multiple IP addresses that reference the Router as the DHCP server for the devices in my VLAN? When I give my PC a static IP in the network it was able to ping the router's IP in that VLAN (192.168.20.1) but I could not ping anything else, especially outside of that LAN. 

Side note~~ The 192.168.10.0 network is configured specifically to connect to the router via SSH and disallow external network communication. This is working as designed. 

Thanks to anyone who is able to assist. 

Labels:
Preview file
4 KB
0 Helpful
5 Replies 5

MHM Cisco World
VIP
VIP

‎04-30-2024 12:28 PM - edited ‎04-30-2024 12:28 PM 

interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68
 ip helper-address 192.168.20.1 <- no need 
 ip nat inside
 ip virtual-reassembly in
0 Helpful

OpenTheSourc
Level 1
Level 1
In response to MHM Cisco World

‎04-30-2024 12:31 PM

Hi, and thanks for your response. Can you please elaborate on your statement:

ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68


 Also, not sure if you saw my question at the bottom. I'm trying to make sure my understanding of the networking concepts as well as the capabilities of this device is sound.

0 Helpful

MHM Cisco World
VIP
VIP
In response to OpenTheSourc

‎04-30-2024 12:34 PM - edited ‎04-30-2024 12:35 PM 

permit udp any eq bootpc any eq bootps

For your Other Q can you more elaborate 
Thanks 
MHM
0 Helpful

OpenTheSourc
Level 1
Level 1
In response to MHM Cisco World

‎04-30-2024 12:44 PM

Can you describe in more detail what these 2 recommendations you provided do?

permit udp any eq bootpc any eq bootps
ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68

To rephrase and expand on my question:

Is this router capable of running DHCP server(s) in each specific VLAN? Does the Default Gateway IP (192.168.20.1 & 192.168.6.1) function as the gateway and the DHCP server simultaneously? Does the router act as a single DHCP server with multiple VLANs or does each VLAN request the router create a new DHCP server instance within itself? 

I am actively engaged with some other things for now on the job. I will try to see if I can implement your recommendations and follow up with any updates. 


Thank you for your time. 

0 Helpful

OpenTheSourc
Level 1
Level 1
In response to MHM Cisco World

‎05-01-2024 12:32 PM

Ok, I'm unclear on how exactly to add the specs for your recommendations now that I'm logged into the device. 

Where am I supposed to apply:

permit udp any eq bootpc any eq bootps

I am also unclear how to apply this recommendation. 

ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68

Here is what I see when I edit that VLAN's Access group by that name:

(config-if)#ip access-group VLAN20_ACL ?
in inbound packets
out outbound packets

(config-if)#ip access-group VLAN20_ACL in ?
<cr>

Still cannot pull DHCP on Gi1. 

Any advice is appreciated. 

0 Helpful
Customers Also Viewed These Support Documents