DHCP relay is not supported in the Cisco ASA.
Due to this reason, you need to allow DHCP requests and replies through the Cisco security appliance in transparent mode.
This can be achieved by configuring access lists in the firewall.
Configure these two access lists in the Cisco ASA:
| 1. | access-list extended udp any eq 67
This access list allows DCHP requests from the inside interface to the outside. Apply this access list on the inside interface of the firewall. |
| 2. | access-list extended permit udp any eq 67
This access list allows the replies from the server in the other direction. Apply this access list on the outside interface of the firewall. |
If unable to specify a particular destination host due to the client broadcasting a DHCPDISCOVER request on port 68, you can use any any as a source and destination.
View more Cisco How-To Tutorials
Brad Reese is research manager at BradReese.Com, advancing the careers of 1 million certified individuals in the growing Cisco Career Certification Program.
Contact him.
Brad's blogroll
Brad Reese on Cisco archive.
Cisco Subnet
|
|
"DHCP relay is not supported
"DHCP relay is not supported in the Cisco ASA."
You may want to have a look here:
http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/df.html#wp1652623
Thank you for the link
Excellent.
Thank you for the link.
Sincerely and most gratefully yours,
Brad Reese
http://www.BradReese.Com