DHCP does not work when ACL is applied on Cisco SG220-26P

ThiruNathan18584 · ‎07-14-2020

Hi,

I have a device connected to port 6(VLAN 6), which has ACL "EXEC" applied. Up link port 25 is connected to Meraki MX and port 25 does not have any ACL. Meraki MX is the DHCP server. However, device connected on port 6 does not receive IP address from DHCP Server. After trying various options, I finally decided to let all traffic to pass through on "EXEC" ACE and it still failed to receive an IP address.

It only receives IP address when I remove the ACL from port 6. Could anyone help me to rectify this issue?

Any suggestions are appreciated.

Switch - Cisco SG220-26P

balaji.bandi · ‎07-14-2020

it is bit trick one, had seen in the past with other switches, not sure if that works in SG220

since the device does not have an IP address to match any ACL, so it looking for broadcast address 255.255.255.255 to get an IP address.

Make a New ACE rule simple to test, "permit ip host 0.0.0.0 host 255.255.255.255" or "permit udp host 0.0.0.0 host 255.255.255.255 eq bootpc"

let us know how it goes.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

ThiruNathan18584 · ‎07-15-2020

No luck, this switch only has ACL IN. Also I already had implemented anyIP
anyIP as you see in the attached screenshot. I strongly believe it has
something else to do with it.

balaji.bandi · ‎07-15-2020

I was thinking other option - is this switch pure L2 extend till Meraki, it has also Layer 3 interface configured.

if Layer3 interface configured, configure DHCP relay so it can direct the client to MX

just suggestion.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help