Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4159
Views
0
Helpful
4
Replies

Can a ASA 5520 assign multiple DHCP scopes?

Go to solution
scottbob09
Level 1
Level 1

‎05-07-2009 06:56 AM - edited ‎03-11-2019 08:28 AM

I am setting up a ASA to be a VPN box/router to connect to a remote hub site. This end has a few vlans/IP networks associated with it and the network is not flat. Can I use subinterfaces to somehow make the ASA give out addresses on 3 different IP networks (and dhcp pools) on this end of the tunnel? I was at first thinking I could trunk in the 2 vlans that are "nearby" and handle those that way, but the 3rd _routed_ network on the other side of campus may be more difficult. I know how IP helpers work, but I guess I'm not entirely sure how to make the ASA realize what network the DHCP_request if coming from and which pool to assign it out of.

Scott

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-07-2009 07:08 AM

Scott

You can have multiple pools but the clients must be on a directly attached network so the trunked 2 vlans would be fine but not the 3rd routed network.

Also even though you can have multiple IP pools, settings such as DNS server, domain name etc. are configured globally altho this may not be an issue for you -

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/dhcp.html#wp1058874

Jon

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-07-2009 07:08 AM

Scott

You can have multiple pools but the clients must be on a directly attached network so the trunked 2 vlans would be fine but not the 3rd routed network.

Also even though you can have multiple IP pools, settings such as DNS server, domain name etc. are configured globally altho this may not be an issue for you -

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/dhcp.html#wp1058874

Jon

0 Helpful

Go to solution
scottbob09
Level 1
Level 1
In response to Jon Marshall

‎05-07-2009 07:19 AM

Right....

So the router (option 3) would be a problem.

humph

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to scottbob09

‎05-07-2009 07:23 AM

Yes it would.

Not ideal but for the 3rd network could you not just use the router to hand out IP's.

Jon

0 Helpful

Go to solution
scottbob09
Level 1
Level 1
In response to Jon Marshall

‎05-07-2009 07:24 AM

Yeah I was just thinking I could use the 6509 up there to hand them out. Not something we typically do, but it could be just fine. Of course since there is just going to be 1 phone and 1 PC piggybacked up there, I can just do static and KISS. :)

Scott

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card