Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

acl help (dhcp breaks)

Bear with me on this:

here is some of the conifg from a 1710:

interface Ethernet0

ip access-group 102 in

access-list 102 permit udp 172.17.32.0 0.0.0.255 host 192.168.105.7 eq 53

access-list 102 permit tcp 172.17.32.0 0.0.0.255 any eq www

access-list 102 deny ip any any log

Ethernet0 is a private connection which is intended to allow guest access to the internet, without any access to the local network. The ACL I applied seems to be working as intended, except for the fact that DHCP will not work to E0. ANy ideas why?

Thanks in advance!

  • Other Network Infrastructure Subjects
1 REPLY
Bronze

Re: acl help (dhcp breaks)

Is the DHCP server on the same net as ethernet0 ?

Are you using IP helper to forward DHCP requests to the DHCP server. ?

If the DHCP server is on a different net and you are using the DHCP relay ( ip helper-address ) feature then add something like this to the acl

permit udp any host 255.255.255.255 eq bootpc

If the DHCP server is on the same net as Ethernet0, then you may want to sniff the traffic going to the DHCP server to find out why it is not providing addresses to the clients.

94
Views
0
Helpful
1
Replies
This widget could not be displayed.