I'm having a big problem getting dhcp relay to work with PIX 7.
2 x PIX 515s (7.0) with a VPN tunnel connecting PIX A and PIX B. PIX A has 5 interfaces and the VPN tunnel terminates on its inside interface. PIX B has only 2 interfaces and the VPN tunnel terminates on its outside interface.
The tunnel works fine in all respects but dhcp. PIX B has the client terminals attached to its inside interface. The config for PIX B is as follows:
dhcprelay server 10.222.223.130 outside
dhcprelay enable inside
dhcprelay setroute inside
dhcprelay timeout 60
PIX A receives the request on its inside interface. The dhcp server sits on a lower security interface, and there is a static mapping of the relevant subnets between the inside and server interfaces.
An acl permits all traffic from the server interface (PIX A) back to the client subnet on PIX B.
Yet a packet trace of PIX B shows the dhcp request leaving but not returning.
A trace of PIX A shows the request coming in AND being responded to by the server on its server interface, but then the packet vanishes, i.e. no sign of it entering the tunnel back toward PIX B.
I'm finding this hard to analyse as, in terms of IP connectivity, everything but dhcp works as it should do. Am I missing some dhcprelay config on PIX A?
Any ideas gratefully received. This problem has dragged on for weeks now.