Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
513
Views
3
Helpful
8
Replies

DHCP Relay Just Won't Work

PJ123
Level 1
Level 1

‎04-14-2024 05:10 PM

Hey Everyone,

Def need some advice on this...it just won't work!

Setup is basically: LAN Switch has a direct SDWAN connection from Port 1 on the Velo with DHCP Relay enabled on the Internal Subnet Address of say 172.16.1.150 to the S2S DHCP Server on 172.16.20.7 (this is how the vendor told me to connect it).

ASA has an Inside of 172.16.1.0/24 with the DHCP Relay enabled on it as well pointing to to the Tunneled Address of 172.20.1.7 (the remote Windows DC/DHCP Server) which it can see/ping.

The Internal Hosts aren't getting a DHCP or DNS from that guy though. I THINK it may be a licensing issue on the ASA (no Strong Encryption License as we're having issues applying the Smart License).

Any insight would be greatly appreciated.....

Thank You!

 

 

 

Labels:
8 Replies 8

Georg Pauwen
VIP
VIP

‎04-14-2024 09:38 PM

Hello,

post a schematic drawing of your topology, as well as the relevant configurations of the devices involved...

MHM Cisco World
VIP
VIP

‎04-14-2024 11:12 PM

No I dont think so it mostly bug'

Just to confirm

You use dhcp relay to server reachable via IPsec ?

MHM

0 Helpful

MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎04-14-2024 11:17 PM

Share this 

Debug dhcpc detail 255

Debug dhcpc packet 255

Debug dhcpc error 255

MHM

0 Helpful

PJ123
Level 1
Level 1
In response to MHM Cisco World

‎04-15-2024 01:41 AM

I will run and post when back onsite...thanks MHM!

PJ123
Level 1
Level 1
In response to MHM Cisco World

‎04-15-2024 01:40 AM

Yes, I can ping the Actual DHCP Server on the different Subnet over the SDWAN Tunnel...

0 Helpful

MHM Cisco World
VIP
VIP
In response to PJ123

‎04-15-2024 01:50 AM

It not issue of ping' we need to know how ASA build unicast dhcp relay packet.

There are many point can make server not reply to asa' that why we need to check debug

MHM

0 Helpful

Elliot Dierksen
VIP
VIP

‎04-15-2024 03:53 AM

I don't know if this is still the case, but I have had issues with getting an ASA to tunnel its own traffic (traffic generated by the ASA). That could be the case since the ASA has has to originate the packet to relay the DHCP request. Long ago, that command was "management-access <inside interface name>". The debug commands suggested by others may give you some information to be certain that is the case.

0 Helpful

PJ123
Level 1
Level 1
In response to Elliot Dierksen

‎04-15-2024 09:45 AM

Thanks Elliot! I will take that into account!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card