Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

UDP Broadcast Traffic from Cisco ASA

Hi,

I want to know that, like Cisco IOS Router, Does Cisco ASA pass the UDP Broadcast traffic e.g., TFTP etc...?

Any thoughts ???

BR,

Mubasher Sultan

4 REPLIES
Purple

UDP Broadcast Traffic from Cisco ASA

Hi,

if you mean is there a ip helper-address like command, the answer is no. It can only function as a DHCP relay with the commands:

dhcprelay server x.x.x.x "interface name"

dhcprelay enable "interface name"

Regards.

Alain

Don't forget to rate helpful posts.

UDP Broadcast Traffic from Cisco ASA

Hi,

Thaxs for the reply...

then, what shud be the work around? My issue is that,

I have an pxe-client that is connected with Cisco ASA on one interface & DHCP server is on another. DHCP Server is supplying the TFTP Addresses. Moreover, TFTP Servers are also conected to Cisco ASA but on third interface. In this case, what could be the work around to pass the UDP broadcast for TFTP across the ASA?

Any thoughts...

BR,

Mubasher Sultan

Purple

UDP Broadcast Traffic from Cisco ASA

Hi,

if the machine has got the tftp IP address then it will be unicast not broadcast. The only broadcast I see here is the BOOTPREQUEST from the PXE client.

Can you be more precise ?

Regards.

Alain

Don't forget to rate helpful posts.
Community Member

UDP Broadcast Traffic from Cisco ASA

Hi Mubasher,

Unlike the router the ASA does not forward any kind of broadcast packet (with the exemption of the DHCP broadcasts when DHCP Relay is enabled).

I understand that your DHCP server is providing here the IP address for your TFTP servers. I guess you are using DHCP option 150.

So if the DHCP server is on one interface and the client is on another you can configure DHCP Relay on your ASA.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008075fcfb.shtml

In regards of the TFTP requests these will be normal unicast packets as Cadet said so just make sure that you have the proper ACLs and NAT rules for that.

2065
Views
0
Helpful
4
Replies
CreatePlease to create content