05-26-2005 02:44 PM
How do I get dhcprelay traffic to be included in a PIX IPSec site-to-site tunnel? The dhcprelay server traffic needs to flow across the tunnel. Should the IP address of the DHCP server be included as a destination? What should the source IP address be for the flow to the DHCP server?
06-01-2005 10:45 AM
You need to include this traffic in the "interesting traffic" definitions. I assume that you have the DHCP relay agent on one side (location A) and the DHCP server on the other side (location B).
On location A:
The source will be the IP address of the DHCP relay agent and destination will be that of the DHCP server.
On location B:
The source will be the IP address of the DHCP server and destination will be that of the DHCP relay agent (mirror of loc A).
06-01-2005 11:48 AM
Thanks for the reply. I was able to get this working by adding an access-list entry for the tunnel using the outside IP of the DHCP Relay PIX to the IP address of the DHCP server plus the mirror of that access-list entry on the central site PIX that anchors the tunnel.
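
The mirrored crypto access-list arrangement described in this thread can be checked offline before a change is pushed to both PIXes. This is an added example, not part of the original posts; the ACL names, networks and addresses are constructed placeholders, and only plain `permit <protocol> <source> <destination>` lines are parsed.

```python
import re

# Constructed PIX crypto ACL lines; names and addresses are placeholders.
SITE_A = """\
access-list vpn_to_b permit ip 192.168.10.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list vpn_to_b permit ip host 198.51.100.2 host 10.1.1.10
"""
SITE_B = """\
access-list vpn_to_a permit ip 10.1.1.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list vpn_to_a permit ip host 10.1.1.10 host 198.51.100.2
"""

HOST_MASK = "255.255.255.255"
ADDR = r"(host \S+|any|\S+ \S+)"
LINE = re.compile(rf"^access-list (\S+) permit (\S+) {ADDR} {ADDR}$")

def norm(addr):
    """Normalise 'host X', 'any' or 'net mask' to a (network, mask) tuple."""
    if addr == "any":
        return ("0.0.0.0", "0.0.0.0")
    first, second = addr.split()
    return (second, HOST_MASK) if first == "host" else (first, second)

def parse(config, acl):
    """Return the set of (protocol, src, dst) entries of one named ACL."""
    entries = set()
    for line in config.splitlines():
        m = LINE.match(line.strip())
        if m and m.group(1) == acl:
            entries.add((m.group(2), norm(m.group(3)), norm(m.group(4))))
    return entries

def swap(entry):
    """Mirror an entry by exchanging source and destination."""
    return (entry[0], entry[2], entry[1])

def unmirrored(cfg_a, acl_a, cfg_b, acl_b):
    """Entries on one side whose swapped twin is absent on the other side."""
    a, b = parse(cfg_a, acl_a), parse(cfg_b, acl_b)
    return {"missing_on_b": {swap(e) for e in a} - b,
            "missing_on_a": {swap(e) for e in b} - a}

def covers_relay(config, acl, relay_ip, server_ip):
    """True if the ACL has a host entry from the relay agent to the DHCP server."""
    return any(s == (relay_ip, HOST_MASK) and d == (server_ip, HOST_MASK)
               for _, s, d in parse(config, acl))
```

A non-empty `missing_on_a` or `missing_on_b` set means the two ends disagree on the interesting traffic, and `covers_relay` confirms that the relay PIX's outside address, not just its inside network, is matched toward the DHCP server.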