DHCP lease and ACL

Nov 5th, 2003

1) I am using the following ACL (see below) on inbound traffic via ethernet0 (which interfaces to a Motorola cable modem).

2) About the same time every day, my 1721 router "loses" its DHCP address from the cable provider (on ethernet0).

3) The only way I can get the router to pick up the DHCP address is to remove the ACL from ethernet0, wait until the DHCP address is picked up again, and then I have to re-apply the ACL.

4) If I don't use my ACL, the DHCP address works without a hitch.

Any suggestions?


access-list 101 permit tcp any any eq telnet
access-list 101 permit tcp any any eq ftp-data
access-list 101 permit tcp any any eq ftp
access-list 101 permit tcp any any eq smtp
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq echo
access-list 101 permit tcp any any eq pop3
access-list 101 permit tcp any any eq 143
access-list 101 permit tcp any any eq 372
access-list 101 permit tcp any any eq 546
access-list 101 permit udp any any eq 546
access-list 101 permit tcp any any eq 547
access-list 101 permit udp any any eq 547
access-list 101 permit tcp any any eq 647
access-list 101 permit udp any any eq 647
access-list 101 permit tcp any any eq 847
access-list 101 permit udp any any eq 847
access-list 101 permit tcp any any eq 443
access-list 101 permit tcp any any eq 873
access-list 101 permit udp any any eq 873
access-list 101 permit tcp any any eq 8383
access-list 101 permit tcp any any eq 8385
access-list 101 permit tcp any any eq 8484
access-list 101 permit tcp any any eq 9595
access-list 101 permit tcp any any eq 5631
access-list 101 permit udp any any eq 5631
access-list 101 permit tcp any any eq 5632
access-list 101 permit udp any any eq 5632
access-list 101 permit tcp any any eq 5800
access-list 101 permit tcp any any eq 5900
access-list 101 permit udp any any eq echo
access-list 101 permit udp any any eq 20
access-list 101 permit udp any any eq 21
access-list 101 permit tcp any any eq 22
access-list 101 permit udp any any eq 22
access-list 101 permit udp any any eq 23
access-list 101 permit udp any any eq 25
access-list 101 permit udp any any eq domain
access-list 101 permit tcp any any eq domain
access-list 101 permit udp any any eq 80
access-list 101 permit udp any any eq 110
access-list 101 permit udp any any eq ntp
access-list 101 permit tcp any any eq 123
access-list 101 permit udp any any eq 372
access-list 101 permit udp any any eq 443
access-list 101 permit udp any any eq 550
access-list 101 permit tcp any any eq 550
access-list 101 permit tcp any any eq 1984
access-list 101 permit udp any any eq 1984
access-list 101 permit udp any any eq 6346
access-list 101 permit tcp any any eq 6346
access-list 101 permit udp any any eq 8383
access-list 101 permit udp any any eq 8484
access-list 101 permit udp any any eq 8385
access-list 101 permit udp any any eq 9595
access-list 101 permit udp any any eq 5800
access-list 101 permit udp any any eq 5900
access-list 101 permit tcp any any established
access-list 101 permit udp any eq domain any
access-list 101 permit tcp any any eq 3306
access-list 101 permit tcp any any eq 1723
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any ttl-exceeded
access-list 101 permit icmp any any source-quench
access-list 101 permit icmp any any time-exceeded



scoclayton Wed, 11/05/2003 - 10:39

Wow, heck of an ACL. Anyway, try adding the following:

permit udp any any eq 67
permit udp any any eq 68

I think IOS changes these to bootpc and bootps but I cannot remember. The above should work as well. Good luck.


Scott
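
The failure and the fix in this thread, as an added example that is not part of the original posts: a small Python model of first-match ACL evaluation, showing that a DHCP server reply (UDP source port 67, destination port 68) matches no entry of the posted ACL and falls to the implicit deny. The function names and the `NARROW` entry, which pins both ports of the reply, are assumptions of this example.

```python
# Added example (not from the thread): first-match evaluation of the
# "permit PROTO any [eq P] any [eq P]" subset of IOS extended-ACL syntax.
PORT_NAMES = {"echo": 7, "domain": 53, "bootps": 67, "bootpc": 68, "ntp": 123}

def parse_ace(line):
    """Return (action, proto, src_port, dst_port); a port of None means any."""
    tok = line.split()
    if tok[0] == "access-list":      # drop the "access-list 101" prefix
        tok = tok[2:]
    action, proto, rest = tok[0], tok[1], tok[2:]
    ports = []
    for _ in range(2):               # source spec, then destination spec
        if rest.pop(0) != "any":
            raise ValueError("only 'any' addresses are modelled: " + line)
        if rest[:1] == ["eq"]:
            name = rest[1]
            ports.append(PORT_NAMES[name] if name in PORT_NAMES else int(name))
            rest = rest[2:]
        else:
            ports.append(None)
    return action, proto, ports[0], ports[1]

def evaluate(acl, proto, sport, dport):
    """First matching entry wins; no match falls to the implicit deny."""
    for action, p, s, d in map(parse_ace, acl):
        if p == proto and s in (None, sport) and d in (None, dport):
            return action
    return "deny"

# UDP entries of the thread's ACL 101. Its TCP and ICMP entries are left out
# because they can never match a UDP packet.
UDP_DPORTS = ("546 547 647 847 873 5631 5632 echo 20 21 22 23 25 domain 80 110 "
              "ntp 372 443 550 1984 6346 8383 8484 8385 9595 5800 5900").split()
ORIGINAL = ["access-list 101 permit udp any any eq " + p for p in UDP_DPORTS]
ORIGINAL.append("access-list 101 permit udp any eq domain any")

# The two entries suggested in the reply, and a narrower alternative
# (an assumption of this example) that pins both ports of a server reply.
SUGGESTED = ORIGINAL + ["permit udp any any eq 67", "permit udp any any eq 68"]
NARROW = ORIGINAL + ["access-list 101 permit udp any eq bootps any eq bootpc"]

def dhcp_reply(acl):
    """Server-to-client DHCP message: UDP source port 67, destination port 68."""
    return evaluate(acl, "udp", 67, 68)

if __name__ == "__main__":
    for name, acl in (("original", ORIGINAL), ("suggested", SUGGESTED), ("narrow", NARROW)):
        print(name, "DHCP reply:", dhcp_reply(acl), "| udp 40000->67:", evaluate(acl, "udp", 40000, 67))
```

Both variants let the lease reply through; the difference is that the suggested entries also admit any inbound UDP packet addressed to port 67 or 68, while the narrow entry admits only packets sourced from port 67 and addressed to port 68.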

synbat Fri, 11/07/2003 - 13:46

Looks like that worked! Thanks! :)
