Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
902
Views
0
Helpful
2
Replies

dhcp relay in asa through vpn is not working

brinat
Level 1
Level 1

‎09-06-2016 12:55 AM

i have asa in ver 9.0.1 at the site and asa ver 8.2.5 at the center 

when configuring dhcprelay through site to site vpn its not working 

i can see at the center asa the broadcast packet and not the ip of the asa outside interface 

i saw that their is a bug in older version but we are not their 

using another fw instead of the asa at the site works fine 

Labels:
0 Helpful
2 Replies 2

JP Miranda Z
Cisco Employee
Cisco Employee

‎09-06-2016 06:57 PM

Hi brinat,

I am not aware of any known issue with this type of configuration, can you share the tunnel configuration and the dhcp relay config as well?

This document explains all the configuration:

https://supportforums.cisco.com/blog/149511

Hope this info helps!!

Rate if helps you!! 

-JP-

0 Helpful

Shakti Kumar
Cisco Employee
Cisco Employee

‎09-06-2016 11:09 PM

      ,

the concept behind this to be working is pretty simple , we must understand the role of one of the ASA as DHCP relay agent .

From the ASA acting as a DHCP relay agent you should be able to ping the DHCP server from your inside interface , or the interface behind which the DHCP clients are so for example

ping inside 192.168.1.12 , 192.168.1.12 being DHCP server ip address . You just need to ensure that you have inside ip address and destination DHCP server ip address defined in the crypto access-list .

Once we have done that we are clear on crypto side of things and we then need to configure ASA as a DHCP client and the configuration is simple

dhcprelay server 192.168.1.12 outside
dhcprelay enable inside

By doing that we are setting up ASA to act as a relay agent during DORA process (by the use of command :- dhcprelay enable inside) and also defining our DHCP server on outside (dhcprelay server 192.168.1.12 outside)

To understand more on how DHCP server relay operation refer to the document

http://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116265-configure-product-00.html

Hope that helps

Thanks

Shakti








					
				
			
			
				
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	
				
		
			
					
		
	
				
		
			
					
		
	
				
		
			
					
		
	
				
		
			
					
		
			
		
	
				
		
			
					
		
	
				
		
			
					
				
		
			
		
			
					
			
		
				
		
	
	


		

	

		

			

	
		
			
					

	
			

				
		
			
		
			
				

					
						
	
			0
		

	Helpful

					
				

			
			
		

	
		
    	
		

			
				
					
				
				
			
		

	
    
			

		

	

	

	

    

	

	


				
		
	
	


		

			

	
		
			
					
				
		
			
		
			
		
	
	


		

	

		

			

	
		
			
					
				
		
			
					
				
		
			
					
		
	
				
		
			
					
		
	
				
		
	
	


		

	



		

	

	

	




			
		
    
            

                

            

        

	
		

		
	

	

	



	
                

                
				
            
        
    

    
        


	
			
				

					
						

							
		

			

	
			
				
					
				
				
			
		


		

	
							

								
								
							

							

								

	
									
								


							

						

					
				

			
		
	


    
    
        
        
            
        
        
	
    

	

	

	

	

	



				
			
		
		
	
	


		

			

	
		
			        

		
				

        

	


		
			
 
 

		
			
		
			

		
			



  

    

      

        

          
Customers Also Viewed These Support Documents