Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

DHCP Relay from ASA5510 to Win 2008r2 - Not working

Hi,

I'm trying to set up an ASA5510 to relay DHCP requests to our Windows 2008 r2 DHCP server.

The DHCP server is on the inside network at 10.0.0.3 and has a scope setup for 10.0.50.0/24, address pool 10.0.50.50 - 10.0.50.100 

The clients are on vlan 2. These clients were working ok, able to access the internet etc when assigned an IP from the ASA's DHCP server (now disabled).   

interface Ethernet0/1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
!


interface Ethernet0/2.2
description Low access netowork for guest pcs allows internet access only
vlan 2
nameif VLAN2-GUESTS
security-level 1
ip address 10.0.50.1 255.255.255.0
!

 

Turning on DHCP debug logging, I can see that the DHCP requests are reaching the ASA and apparently being correctly relayed to 10.0.0.3

DHCPD: setting giaddr to 10.0.50.1.

dhcpd_forward_request: request from 000e.7b7b.fce5 forwarded to 10.0.0.3.

DHCPRA: relay binding found for client 000e.7b7b.fce5.

DHCPD: setting giaddr to 10.0.50.1.

dhcpd_forward_request: request from 000e.7b7b.fce5 forwarded to 10.0.0.3.

DHCPRA: relay binding found for client 000e.7b7b.fce5.

DHCPD: setting giaddr to 10.0.50.1.

dhcpd_forward_request: request from 000e.7b7b.fce5 forwarded to 10.0.0.3.

DHCPRA: relay binding found for client 000e.7b7b.fce5. DHCPD: setting giaddr to 10.0.50.1.
dhcpd_forward_request: request from 000e.7b7b.fce5 forwarded to 10.0.0.3.
DHCPRA: relay binding found for client 000e.7b7b.fce5.
DHCPD: setting giaddr to 10.0.50.1.
dhcpd_forward_request: request from 000e.7b7b.fce5 forwarded to 10.0.0.3.
DHCPRA: relay binding found for client 000e.7b7b.fce5.
DHCPD: setting giaddr to 10.0.50.1.
dhcpd_forward_request: request from 000e.7b7b.fce5 forwarded to 10.0.0.3.
DHCPRA: relay binding found for client 000e.7b7b.fce5.

However, the ASA doesn't get a reply and the logs on the DHCP server show no address being leased. The ASA can ping 10.0.0.3, I've tried disabling the Windows firewall on the DHCP server. The clients fail with a request timed out message. It seems that either the request isn't making it to the DHCP, or the DHCP server is ignoring it. Between the ASA and the DHCP server there is just a couple of switches, no routers. If I set the inside interface to receive it's IP by DHCP it sucessfully gets one from another scope on the DHCP server.

So, I'm puzzled why this isn't working, it should be a simple setup. Can anybody help??

Thanks,


Tim

3 REPLIES
New Member

DHCP Relay from ASA5510 to Win 2008r2 - Not working

Ok, I figured this out.

I was using my production DHCP server for testing. This didn't have the ASA set as it's default gateway as the ASA is not in production yet. It looks like the DHCP reply is addressed back to 10.0.40.1 - i.e. the DHCP server must have a route to it.

Adding a static route on my Windows DHCP server resolved the problem

route ADD 10.0.40.0 MASK 255.255.255.0 10.0.0.1

New Member

Hi

Hi

I am facing same problem from Dhcp please help us

Cisco Employee

Hi,

Hi,

Please share the issue in detail and provide the dhcprelay configuration from ASA.

As mentioned, check if the default route is present on DHCP server pointing towards ASA interface.

- Try taking dhcp debugs on ASA and provide the output here.

Regards,

Akshay Rastogi

2275
Views
0
Helpful
3
Replies
CreatePlease to create content