No DHCP received from Windows 2003 server

Unanswered Question

I am having a problem with my 2821. I am trying to have my connecting cleint on VPN use a dhcp scope on a windows 2003 server. If I have the cleint connect with a fixed ip everything works fine. However when you ask to use a dhcp address the client times out getting an address.

The DHCP server serves up address to the rest of the network fine just not to VPN cleints. The cleints are using the native window Cleint

Here is the config on the router:

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXXXX

!

boot-start-marker

boot system flash c2800nm-adventerprisek9_sna-mz.124-23.bin

boot-end-marker

!

logging buffered 51200 warnings

!

aaa new-model

!

!

aaa authentication ppp default local

aaa authorization network default if-authenticated

!

aaa session-id common

clock timezone MDT -7

clock summer-time MDT date Apr 6 2003 2:00 Oct 26 2003 2:00

!

!

ip cef

!

!

ip name-server 10.4.0.10

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

ip address-pool dhcp-proxy-client

ip dhcp-server 10.4.0.10

!

vpdn enable

!

vpdn-group 1

! Default PPTP VPDN group

accept-dialin

protocol pptp

virtual-template 1

!

!

!

voice-card 0

no dspfarm

ip ssh time-out 60

ip ssh authentication-retries 2

!

!

!

!

!

interface Loopback0

ip address 172.16.48.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.4.0.4 255.255.0.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface GigabitEthernet0/1

description $ETH-WAN$

ip address xx.xx.xx.xx 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Virtual-Template1

ip unnumbered GigabitEthernet0/1

ip helper-address 10.4.0.10

ip nat inside

ip virtual-reassembly

peer default ip address dhcp

ppp encrypt mppe auto required

ppp authentication ms-chap ms-chap-v2

!

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 216.129.91.17

ip route 10.0.0.0 255.255.0.0 10.4.0.1

!

!

ip http server

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 110 interface GigabitEthernet0/1 overload

!

access-list 110 permit ip 10.0.0.0 0.255.255.255 any

access-list 110 permit tcp any any

access-list 110 permit ip any any

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

privilege level 15

transport input telnet ssh

line vty 5 15

privilege level 15

transport input telnet ssh

!

scheduler allocate 20000 1000

!

end

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dgeorgeadis Thu, 01/22/2009 - 04:46

Check to see if the Windows server ever sees the DHCP request with an ethereal or similar network snoop. If it does get the request, does it reply?

That should narrow down where the problem is.

Here is the iformation in the DHCP log from the server.

10,01/22/09,13:51:17,Assign,10.4.20.29,EXTREMENET.extreme.eng,72737465656765,

12,01/22/09,13:51:23,Release,10.4.20.29,EXTREMENET.extreme.eng,72737465656765,

As you can see it does get an ip but does not send it to the host. Also every cleint shows up as the routers name instead of the computers name. The mac address seems to be wrong too. I am at a bit of a loss on this one.

After much searching I found one of the problems. DHCP was not working because it was requesting from the wrong interface.

In the configuration listed above this is shown:

!

interface Virtual-Template1

ip unnumbered GigabitEthernet0/1

It should have been:

interface Virtual-Template1

ip unnumbered GigabitEthernet0/0

Changed this one item and dhcp is now working.

However all vpn host now show up in the DHCP tables as the routers hostname.

I ahve been trying to find the comand to alow for the AAA loacl username to be used instead of the default witch the router proxyes its own name.

Any one have any idea on this?

Actions

This Discussion