This document describes the configuration steps for DHCP intercept on the VPN 3000 concentrator.
What is DHCP?
DHCP means Dynamic Host Configuration Protocol and is used to assign IP's autromatically to hosts when connected to a network. DHCP enables a framework which ensures the passing of configuration to hosts on a TCPIP network. DHCP consists of Bootstrap Protocol (BOOTP).
When a host is connected it makes a request to a DHCP server that may or may not reside on the same subnet. The automatic distribution of IP configuration to the hosts make it easy for the network administrator to maintaining IP. DHCP distributes the IP address, subnet mask and default gateway to a host.
A DHCP client has to undergo a six stage process. The stages are mentioned below:
Dynamic Host Configuration Protocol (DHCP) Intercept uses DHCP to provide a Microsoft Layer 2 Tunnel Protocol (L2TP)/IPSec client with a subnet mask, domain name, and classless static routes.
This feature allows the VPN Concentrator to reply directly to the Microsoft client DHCP Inform message. This is useful in environments in which using a DHCP server for this purpose is not advantageous.
This feature can be configured on a per-group basis on the Client Config tab of either the Configuration > User Management > Base Group screen or the Configuration > User Management > Groups > Add or Modify screen.
Note: By default, DHCP intercept allocates a /24 mask. If you need the group to allow for a DHCP proxy subnet larger than a /24, go to Group > Client config > Subnet Mask and specify the required mask.
We have ASA 5545, when we execute show run or show run | in ... , the session hangs and does not come back. this issue happen only in the active unit. The standby mode, session comes back immediately.
I did not have any high CPU, leak memory, ...
I have a customer who's wanting to pull a report of all of his endpoints showing how long they've been inactive. It looks like I can see that attribute individually when looking at an endpoint, but that's not a field available when you export the en...
Hi all,My cisco router RV435 in the “TCP/IP Services” tab is listing below “Established Connection Status” unidentified connections from the WAN1 IP, to the following IPs:184.108.40.206220.127.116.1118.104.22.168compute-1.amazonaws.com13. cloudfront.netmem...
Hi All Having a weird spontaneous issue on some WIndows PC's that are setup for 802.1x. After a complete bootup, ISE logs show that the PC is doing MAB authentication and are failing as expected. If I unplug the network cable and reconnec...
Hi, How to nat all ip's from lan to one public for access to internet?Is command correct without "pat-pool" ? . i dont want to get exhausted message. ASA version 9.10 object network obj-public host 22.214.171.124object network obj-lan&nb...