I've this problem.
A remote network with a few PCs, connected to our central network through a cisco router, configured with ip helper-address:
ip address 192.168.120.1 255.255.255.0
ip helper-address 192.168.0.3
192.168.0.3 is our dhcp server.
When I configure PC in dhcp mode, I can't see any packet arrive to our dhcp server, and I can see in ASA firewall between router and dhcp server this error:
Jan 07 2011 12:27:39: %ASA-2-106016: Deny IP spoof from (0.0.0.0) to 192.168.0.3 on interface outside
It's a strange behaviour: ip helper-address must use unicast packets from interface ip (192.168.120.1 in this case) to dhcp server; in this case, packets come from 0.0.0.0 address, so asa blocks it.
PCs don't obtain an ip address...
How can I troubleshoot this problem?