DHCP Relay Over IPSEC VPN between a PIX and VPN Concentrator

Unanswered Question
Feb 29th, 2008
User Badges:

Dear all,

I am having problems getting DHCP relay working at a remote site

At the Main site i have a Windows 2003 DHCP Server behind a VPN Concentrator 3005

At the remote site i have a Cico PIX 501.

The VPN is workings correctly and can ping from both ends.

Unfortunately no matter what config i put into the Pix i can't get it to relay to the clients.

the config i have tried on the clients is..

dhcprelay server outside

dhcprelay enable inside

dhcprelay setroute inside


dhcprelay server Outside_IP outside

dhcprelay enable inside

dhcprelay setroute inside

and also have included tried both with the following lines in the access lists

access-list inside_nat0_outbound permit ip Outside_IP

access-list outside_cryptomap_10 permit ip Outside_IP

Can anyone help?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
criitdept Mon, 03/17/2008 - 04:22
User Badges:

The VPN is working.

I have found a few articles and they have said that i need to setup a GRE VPN over ipsec to allow the dhcp broadcast, unfortunately this requires version 7 of the IOS on the PIX and as i only have a 501, this runs 6.3. so i'm now going to have to rethink my design.

Thanks for your help.


gerdpleyer Sat, 06/28/2008 - 06:44
User Badges:

Any update on this?

I almost want to do the same - but doesn't work via vpn.

mathias.mahnke Thu, 02/12/2009 - 08:19
User Badges:

We ran into the same issue. Didn't found any solution either. Any hints welcome.


This Discussion