Changing default gateway on ASA5505 DHCP server

Answered Question
Feb 21st, 2008
User Badges:

How do you configure the default gateway on the ASA5505 DHCP server? By default is the Inside Eth address the deafault gateway? if so can it be changed?

Correct Answer by elparis about 9 years 1 month ago

Sorry for the delay; it took me a couple of weeks to finally be able to try this in the lab...


It is actually possible to configure the DHCP server on a PIX/ASA to provide a default gateway that is different from itself. For example, you could configure the PIX/ASA to send via DHCP a default gateway that is a router or another PIX/ASA.


To do this you use the command "dhcpd option 3 ip " as I originally suggested.


I wasn't sure because I thought I had read somewhere that the PIX/ASA didn't support. Perhaps that was true in pre-7.x software, but I just tested on 7.2.x and it worked just fine.


Cheers,


Eloy Paris.-

Correct Answer by elparis about 9 years 2 months ago

Try setting DHCP option 3. Don't know if it'll work in routed mode. The documentation states using DHCP option 3 is the way to set a default gateway in transparent mode. See this section of the documentation:


http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/dhcp.html#wp1059065


Step 7 there states:


Step 7 (Transparent Firewall Mode) Define a default gateway. To define the default gateway that is sent to DHCP clients, enter the following command.


hostname(config)# dhcpd option 3 ip gateway_ip


If you do not use the DHCP option 3 to define the default gateway, DHCP clients use the IP address of the management interface. The management interface does not route traffic.


Please let us know how it goes.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
abinjola Thu, 02/21/2008 - 11:40
User Badges:
  • Cisco Employee,

If you have DHCP configured on inside Innterface of ASA then the DG assigned to internal machines would be its own IP address (ASA 5505), you can change it

saidfrh Thu, 02/21/2008 - 11:43
User Badges:

How do you change the default gateway?

Thanks.

abinjola Thu, 02/21/2008 - 11:50
User Badges:
  • Cisco Employee,

where do you want to change your DG ? whats configuration on ASA ? Is ASA inside Interface acting as DHCP server ?

saidfrh Thu, 02/21/2008 - 12:32
User Badges:

We have would like the default gateway on the ASA DHCP server to be the MPLS router's Eth int.

Correct Answer
elparis Thu, 02/21/2008 - 12:49
User Badges:
  • Cisco Employee,

Try setting DHCP option 3. Don't know if it'll work in routed mode. The documentation states using DHCP option 3 is the way to set a default gateway in transparent mode. See this section of the documentation:


http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/dhcp.html#wp1059065


Step 7 there states:


Step 7 (Transparent Firewall Mode) Define a default gateway. To define the default gateway that is sent to DHCP clients, enter the following command.


hostname(config)# dhcpd option 3 ip gateway_ip


If you do not use the DHCP option 3 to define the default gateway, DHCP clients use the IP address of the management interface. The management interface does not route traffic.


Please let us know how it goes.


Correct Answer
elparis Thu, 03/06/2008 - 15:25
User Badges:
  • Cisco Employee,

Sorry for the delay; it took me a couple of weeks to finally be able to try this in the lab...


It is actually possible to configure the DHCP server on a PIX/ASA to provide a default gateway that is different from itself. For example, you could configure the PIX/ASA to send via DHCP a default gateway that is a router or another PIX/ASA.


To do this you use the command "dhcpd option 3 ip " as I originally suggested.


I wasn't sure because I thought I had read somewhere that the PIX/ASA didn't support. Perhaps that was true in pre-7.x software, but I just tested on 7.2.x and it worked just fine.


Cheers,


Eloy Paris.-

Actions

This Discussion