Skip Links

Network World

Brad Reese

How to configure access lists in the Cisco ASA with multiple contexts to allow DHCP

By Brad Reese on Wed, 04/30/08 - 4:21am.

Cisco How-To Tutorials

DHCP relay is not supported in the Cisco ASA.

Due to this reason, you need to allow DHCP requests and replies through the Cisco security appliance in transparent mode.

This can be achieved by configuring access lists in the firewall.

Configure these two access lists in the Cisco ASA:

1. access-list extended udp any eq 67

This access list allows DCHP requests from the inside interface to the outside.

Apply this access list on the inside interface of the firewall.

2. access-list extended permit udp any eq 67

This access list allows the replies from the server in the other direction.

Apply this access list on the outside interface of the firewall.

If unable to specify a particular destination host due to the client broadcasting a DHCPDISCOVER request on port 68, you can use any any as a source and destination.

View more Cisco How-To Tutorials

Contact Brad Reese
http://www.BradReese.Com

Brad's Top 5 Story Picks
# 1. Cisco skills shortage is baloney, expert says
# 2. Q & A with the ex-Cisco star who joined ethernet fabric switching startup, Woven Systems
# 3. Earth Day message from BradReese.Com
# 4. Vyatta: Cisco's product line remains locked up tighter than Fort Knox
# 5. Help on the way for SMB telephony reseller margins being squeezed to death by Cisco
Story Archives Brad Reese on Cisco Story Archives

Cisco Jobs

Cisco Repair

Cisco Resumes

Cisco Power Supplies
  

About Brad Reese on Cisco

Brad Reese cofounded BradReese.Com Cisco Refurbished, which enables affordable Cisco networks globally by assuring customer satisfaction with guaranteed one year warranties on both Cisco Repair as well as Refurbished Cisco.

Don't be shy, contact Brad Reese online or call him at 646-827-1130.

 

Most Discussed Posts

On The Web
Twitter