Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

DHCP Through ASA 7.22 or 8.02 in transparent mode.

Hello,

Was trying to figure out how to permit DHCP through an ASA when it was in transparent mode. I was originally thinking I needed to use DHCPRELAY but its only available in routed mode. I was trying to log everything and see if I could see my dhcp requests go out from the client but don't see anything in the logs.

Does anyone have any recommendations was thinking about doing a packet capture to see what the traffic is comming from the client and then seeing how much of it I see on the other side of the ASA. Any suggestions are appreciated.

All posts will be rated until I get an Answer that works.

Also here is the topology.

Client-->Inside Int|Transparent ASA|Outside Int--->rtr--->DHCP Server

Thanks.

3 REPLIES
Gold

Re: DHCP Through ASA 7.22 or 8.02 in transparent mode.

Note: DHCP relay services are not available in transparent firewall mode. A security appliance in transparent firewall mode only allows ARP traffic through. All other traffic requires an access control list (ACL). In order to allow DHCP requests and replies through the security appliance in transparent mode, you need to configure two ACLs:

*

One ACL that allows DHCP requests from the inside interface to the outside

and

*

One ACL that allows the replies from the server in the other direction

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008075fcfb.shtml

Re: DHCP Through ASA 7.22 or 8.02 in transparent mode.

Hello,

Appreciate your reply, I already read that document though I missed the explicit ACL section for transparent.

Unfortunatly I had already configured the ACL's to allow what I would expect for DHCP well before reading the part about an explicit ACL. It still does not work as expected. I even went so far as to put an acl saying any any on both outgoing and incomming interfaces. I was hopeing someone might have an example already.

New Member

Re: DHCP Through ASA 7.22 or 8.02 in transparent mode.

Hello, Almost same Problem

Server DHCP (Inside) --Transparent-- Clients (Outside)

I did the same, whit the access-list but doesn't work.

Any ideas.

172
Views
3
Helpful
3
Replies