DHCP Relay Over IPSEC VPN between a PIX and VPN Concentrator

Unanswered Question
Feb 29th, 2008
User Badges:

Dear all,


I am having problems getting DHCP relay working at a remote site

At the Main site i have a Windows 2003 DHCP Server behind a VPN Concentrator 3005

At the remote site i have a Cico PIX 501.


The VPN is workings correctly and can ping from both ends.


Unfortunately no matter what config i put into the Pix i can't get it to relay to the clients.


the config i have tried on the clients is..


dhcprelay server 192.168.1.1 outside

dhcprelay enable inside

dhcprelay setroute inside


and


dhcprelay server Outside_IP outside

dhcprelay enable inside

dhcprelay setroute inside


and also have included tried both with the following lines in the access lists


access-list inside_nat0_outbound permit ip Outside_IP 255.255.255.255 192.168.1.0 255.255.255.0

access-list outside_cryptomap_10 permit ip Outside_IP 255.255.255.255 192.168.1.0 255.255.255.0


Can anyone help?


Thanks


James

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
criitdept Mon, 03/17/2008 - 04:22
User Badges:

The VPN is working.

I have found a few articles and they have said that i need to setup a GRE VPN over ipsec to allow the dhcp broadcast, unfortunately this requires version 7 of the IOS on the PIX and as i only have a 501, this runs 6.3. so i'm now going to have to rethink my design.


Thanks for your help.


James

gerdpleyer Sat, 06/28/2008 - 06:44
User Badges:

Any update on this?

I almost want to do the same - but doesn't work via vpn.

mathias.mahnke Thu, 02/12/2009 - 08:19
User Badges:

We ran into the same issue. Didn't found any solution either. Any hints welcome.

Actions

This Discussion