The internal address is already assigned a /21 (255.255.248.0 mask) which would allow 2046 hosts.  (x.x.8.1-x.x.15.254 for instance).

However, at least using ASDM, it complains about larger than 255 if I use the range x.x.8.30 - x.x.15.254.

I have not tried using the command line to see if it will take multiple address range statements, but I suspect it wont.

Roger

Hello,

One solution to your problem could be to create a second  INSIDE interface  (security-level = 100) on the ASA. Then you can make the new iterfcae as DHCP server in order to serve clients. Please keep in mind that for access from inside (behind old inside interface) to inside (behind new inside interface) would need additional U turn NAT configurations on ASA.

Thanks

Vijaya

"so you can change the dhcp server settings to realize this proposal.  ---- in the dhcp pool xx  + options."

that does not seem to work.

Apprarently the ASA's command takes it in the format    

dhcpd address 192.168.8.10-192.168.8.100 *interface*
dhcpd enable *interface*

no way to configure it as /23? /22?

Please advise

Roger,  as far as I know DHCP feature  has a limitation of address pool per interface  , see guidelines, http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/d2.html#wp1904997

It is  more pratical to used a local DHCP server  for your requirements, if you have Windows AD server DHCP services is free, or you may find 3rd party freeware DHCP servers software out here.  You may also look at dhcp relay feature , see same link above but you will stilll need stand alone DHCP server for that .

Regards