cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
387
Views
0
Helpful
3
Replies

DHCP on 1841 IOS 12.4

rborman81
Level 1
Level 1

Cannot get DHCP to work on ios 12.4 1841 router.

Clients send dhcp discover packets, not getting dhcp offer packets.

I've tried using dhcptest.exe utility (3rd party google it), that shows a dhcp offer packet for some reason.

Anyways, here's my config:


version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xxxxxxxxx
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
!
no aaa new-model
clock timezone EST -5
clock summer-time EDT recurring
no ip source-route
!
!
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.103.1 192.168.103.249
!
ip dhcp pool DOT
   import all
   network 192.168.103.0 255.255.255.0
   domain-name xxxxxxxxx.com
   dns-server 192.168.100.2
   default-router 192.168.103.1
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
login block-for 100 attempts 10 within 100
login delay 5
login on-failure log
login on-success log
multilink bundle-name authenticated
!
!
ip tcp synwait-time 10
!
!
!
interface FastEthernet0/0
 description xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 ip address 192.168.103.1 255.255.255.0
 ip access-group 100 in
 ip helper-address 192.168.100.2
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting access-violations
 ip flow ingress
 speed auto
 half-duplex
 no cdp enable
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0/0
 ip address w.x.y.z 255.255.255.252
 ip access-group 110 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip accounting access-violations
 ip flow ingress
 encapsulation ppp
 no peer neighbor-route
 no fair-queue
 no cdp enable
!
router bgp 65011
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor w.x.y.z remote-as 65000
 neighbor w.x.y.z remote-as 65000
 no auto-summary
!
ip forward-protocol nd
!
!
ip http server
ip http access-class 90
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
access-list 90 remark HTTP Access-class list
access-list 90 permit 192.168.103.0 0.0.0.255 log
access-list 90 permit 192.168.100.0 0.0.0.255 log
access-list 90 deny   any log
access-list 100 permit tcp 192.168.103.0 0.0.0.255 any
access-list 100 permit udp 192.168.103.0 0.0.0.255 any
access-list 100 permit icmp 192.168.103.0 0.0.0.255 any
access-list 100 deny   ip any any log
access-list 101 remark VTY Access-class list
access-list 101 permit ip 192.168.100.0 0.0.0.255 any log
access-list 101 permit ip 192.168.103.0 0.0.0.255 any log
access-list 101 deny   ip any any log
access-list 110 deny   ip 10.0.0.0 0.255.255.255 any log
access-list 110 deny   ip 172.16.0.0 0.15.255.255 any log
access-list 110 deny   ip 127.0.0.0 0.255.255.255 any log
access-list 110 deny   ip 255.0.0.0 0.255.255.255 any log
access-list 110 deny   ip 224.0.0.0 31.255.255.255 any log
access-list 110 deny   ip host 0.0.0.0 any log
access-list 110 deny   ip 192.168.103.0 0.0.0.255 any log
access-list 110 deny   ip host w.x.y.z any log
access-list 110 deny   icmp any any redirect log
access-list 110 permit ip any any
snmp-server community blah RO
snmp-server community blah RO
!
!
control-plane
!
!

3 Replies 3

Sajid Ali
Level 1
Level 1

Hi,

ip dhcp excluded-address 192.168.103.1 192.168.103.249

What mean this command ? You want to exclude address from .1 to .249 :)

Change the exclude addresses range (e.g. 103.1 to 103.50 or somthing else), I hope it will work

Don't forget to rate helpfull posts

Sajid Ali Pathan

This discussion has been reposted from Cisco User Groups to the WAN, Routing and Switching community.

Hi ,

Under interface fast 0/0 you have an access list 100 that denies packets
from everything but the 192.168.103.0/24 subnet.

Your device that is looking for a dhcp address will not have a valid address until after the dhcp offer.

Try this

!
no access-list 100
!
access-list 100 permit udp any eq bootpc any
access-list 100 permit tcp 192.168.103.0 0.0.0.255 any
access-list 100 permit udp 192.168.103.0 0.0.0.255 any
access-list 100 permit icmp 192.168.103.0 0.0.0.255 any
access-list 100 deny   ip any any log
!

I also agree with the other replier you are a bit short on dhcp pool addresses
You have exclused .1. to .249 that only leave you .250 to .254 but may be that is what you wanted


Regards
Alex

Regards, Alex. Please rate useful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco