05-30-2008 05:20 AM - edited 03-11-2019 05:52 AM
Hi all,
Is there a fixup in ASA that allows running a DHCP server inside a NATed ASA?
Here is the scenario:
-Windows DHCP server on the inside
-DHCP client on the outside
-The DHCP server is translated on the outside
-ip helper-address pointing to the translated IP address of the server
What we observe is the following:
When the DHCP broadcast occurs, the DHCP request is forwarded to the helper address and
the server leases an IP address. In the offer the server also includes its own (real) IP
address.
Now the client has an IP, but when it tries to renew, it makes a unicast DHCP call
(udp 67) to the server using the real IP of the server, so the renew fails.
So I would like to know if there is a fixup in the ASA that would change the DHCP server
IP address to its translated value in the DHCP offer.
In other words, is there an equivalent of the DNS reply modification, but for DHCP?
Something like:
static (inside,outside) 209.165.201.10 10.1.3.14 netmask 255.255.255.255 dhcp
thanks
06-05-2008 02:22 PM
Have a look at this Cisco ASA 5500 Series Adaptive Security Appliances Configuration guide for your setups.
http://cisco.com/en/US/products/ps6120/tsd_products_support_configure.html
12-30-2014 02:48 AM
I have the same problem, and I agree that a "fixup" option in the ASA would be useful.
However, I found that one solution was to use a special DHCP option 54 (Server Identifier) for the particular DHCP scope. This allows the server to masquerade behind the WAN address, and thus enables the DHCP client to communicate with the DHCP server via unicast.
Hope this helps someone other than me.
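Added example, not part of the original thread or any poster's code: a way to confirm from a captured DHCPOFFER whether option 54 (Server Identifier) carries the server's real address or its translated one, which is what decides whether the client's unicast renewal can reach the server. The addresses 10.1.3.14 and 209.165.201.10 are taken from the question; the sample packet, client address and transaction ID are constructed.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"          # marks the start of DHCP options
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255

def parse_dhcp_options(payload: bytes) -> dict:
    """Return {option code: raw value} from a BOOTP/DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    options, i = {}, 240
    while i < len(payload) and payload[i] != OPT_END:
        code = payload[i]
        if code == OPT_PAD:                  # pad has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        options[code] = value
        i += 2 + length
    return options

def check_server_id(payload: bytes, real_ip: str, translated_ip: str) -> str:
    """Classify the Server Identifier the client will use for unicast renewals."""
    raw = parse_dhcp_options(payload).get(OPT_SERVER_ID)
    if raw is None or len(raw) != 4:
        return "missing"
    server_id = ipaddress.IPv4Address(raw)
    if server_id == ipaddress.IPv4Address(translated_ip):
        return "translated"                  # reachable from outside the NAT
    if server_id == ipaddress.IPv4Address(real_ip):
        return "real"                        # renewals from outside will fail
    return "other"

def build_offer(server_id: str, yiaddr: str = "192.0.2.50") -> bytes:
    """Constructed sample DHCPOFFER; client address and xid are made up."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234ABCD, 0, 0,
                         bytes(4), ipaddress.IPv4Address(yiaddr).packed, bytes(4),
                         bytes(4), bytes.fromhex("020000000001"), b"", b"")
    options = (bytes([OPT_MSG_TYPE, 1, 2]) +
               bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_id).packed +
               bytes([OPT_END]))
    return header + MAGIC_COOKIE + options

if __name__ == "__main__":
    for sid in ("10.1.3.14", "209.165.201.10"):
        print(sid, "->", check_server_id(build_offer(sid), "10.1.3.14", "209.165.201.10"))
```

Run against the UDP payload of an offer captured on the outside segment: "real" reproduces the failure described in the question, "translated" is the result expected once the scope's option 54 is overridden.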