Cisco Support Community
Community Member

DHCP snooping with ASA as dhcp relay

Dear *, I have a layer 2-2960 switch where all my dhcp clients are connected. On this same switch i have a windows DHCP server also. I have created sub-interfaces on the ASA firewall which is the default gateway for clients and servers. My client vlan is 21 and servers vlan is 501. i have enabled DHCP snooping for vlan 21 and put the server port as dhcp snooping trusted. I have a P2P vlan between the 2960 switch and ASA for management so there are no client / server SVI on the switch. I have configured the firewall a dhcp relay point to the server which connected to the 2960 switch and enable relay on the client sub-interface on ASA. Now the clients are not getting the IP from the server but as soon as remove the DHCP snooping for vlan 21 onthe 2960 switch the clients get the IP. I even enabled dhcp snooping trusted on the trunk link between switch and ASA but still nothing. Any ideas? Is this related to option 82 maybe? Thanks, Aamir

Everyone's tags (4)
Community Member

Hi, enable below command at


enable below command at ASA on global configuration mode:

"dhcprelay information trust-all"

It will work

CreatePlease to create content