I have a 2600 router in my branch. Today I configured the ACL on its internal interface so that users cannot access the internet. After configuring the ACL, users cannot get an IP address from DHCP, which is configured on the router. Below is my ACL.
Please tell me how to configure the ACL correctly so that the DHCP issue can be resolved.
ip access-list extended INSIDE-IN
 permit ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.0.255
 permit ip 192.168.3.0 0.0.0.255 192.168.10.0 0.0.0.255
 permit ip 192.168.3.0 0.0.0.255 192.168.50.0 0.0.0.255
 permit ip 192.168.3.0 0.0.0.255 192.168.90.0 0.0.0.255
 permit ip 192.168.3.0 0.0.0.255 192.168.101.0 0.0.0.255
 permit ip 192.168.3.0 0.0.0.255 192.168.3.0 0.0.0.255
 deny ip any any
int fa 0/1
 description inside interface
 ip access-group INSIDE-IN in
A DHCP broadcast/request doesn't have an IP address yet, so the source address is 0.0.0.0 and, since it's a broadcast, a destination address of 255.255.255.255. So, the source of 0.0.0.0 doesn't match any of your permit statements until it receives an address in the range of IPs that you are permitting through your ACL.
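The mismatch described in the answer above can be checked with a small first-match ACL evaluator run against the posted INSIDE-IN entries. This is an added example, not part of the original thread: the evaluator handles only the syntax subset used here, the packets are constructed, and the extra `permit udp any eq bootpc any eq bootps` entry is an assumed fix that the thread itself does not give.

```python
import ipaddress

PORTS = {"bootps": 67, "bootpc": 68}  # DHCP server / client UDP ports

def _addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD' and return (addr, wildcard) as ints."""
    t = tok.pop(0)
    if t == "any":
        return 0, 0xFFFFFFFF
    if t == "host":
        return int(ipaddress.IPv4Address(tok.pop(0))), 0
    return int(ipaddress.IPv4Address(t)), int(ipaddress.IPv4Address(tok.pop(0)))

def _port(tok):
    """Consume an optional 'eq PORT' qualifier; None means any port."""
    if tok and tok[0] == "eq":
        tok.pop(0)
        p = tok.pop(0)
        return PORTS.get(p) or int(p)
    return None

def parse(line):
    tok = line.split()
    action, proto = tok.pop(0), tok.pop(0)
    src, sport = _addr(tok), _port(tok)
    dst, dport = _addr(tok), _port(tok)
    return action, proto, src, sport, dst, dport

def _hit(ip, spec):
    # Wildcard bits set to 1 are "don't care", so force them on both sides.
    addr, wild = spec
    return (int(ipaddress.IPv4Address(ip)) | wild) == (addr | wild)

def evaluate(acl, proto, src, sport, dst, dport):
    """Return (action, matching line); the first matching entry wins."""
    for line in acl:
        action, p, s, sp, d, dp = parse(line)
        if p not in ("ip", proto):
            continue
        if _hit(src, s) and _hit(dst, d) and sp in (None, sport) and dp in (None, dport):
            return action, line
    return "deny", "(implicit deny)"

# The six permits and the final deny from the posted INSIDE-IN list.
PAGE_ACL = [f"permit ip 192.168.3.0 0.0.0.255 192.168.{n}.0 0.0.0.255"
            for n in (0, 10, 50, 90, 101, 3)] + ["deny ip any any"]
# Assumed fix (not from the thread): permit DHCP client-to-server traffic first.
FIXED_ACL = ["permit udp any eq bootpc any eq bootps"] + PAGE_ACL

DISCOVER = ("udp", "0.0.0.0", 68, "255.255.255.255", 67)   # constructed DHCPDISCOVER
WEB = ("tcp", "192.168.3.20", 50000, "203.0.113.10", 443)  # constructed internet flow
```

With the added entry the DHCPDISCOVER is permitted while the constructed internet flow still falls through to `deny ip any any`, so the original intent of the ACL is preserved.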