Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 2651 proxy DHCP request across PIX

All:

PPTP VPN client connections are established on a Cisco 2651 router. The 2651 router is conifgured to proxy DHCP requests, on the behalf of the VPN clients, to an internal DHCP server. A PIX has positioned between the 2651 router and the internal network where the DHCP server resides. Prior to the PIX the DHCP address assignment has been working. Following the PIX install it is not.

What config. changes need to be made to the 2651 router to make this work?

What access-list changes need to be made to the PIX to make this work?

Thanks!

  • Other Network Infrastructure Subjects
2 REPLIES
Silver

Re: Cisco 2651 proxy DHCP request across PIX

ip address if_name dhcp [setroute]. Using this command the PIX Firewall will use DHCP to poll for information. Enables the DHCP client feature on the specified interface. For details refer:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00800ec9ea.html#xtocid7

The access list commands can be found at:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/ab.htm#xtocid7

However, Support for the DHCP server within the PIX Firewall is also possible. This means the PIX Firewall can use the DHCP to configure connected clients. This DHCP feature is designed for the remote home or branch office that will establish a connection to an enterprise or corporate network.

The dhcpd command controls the DHCP server feature.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/df.htm#38488

New Member

Re: Cisco 2651 proxy DHCP request across PIX

the pix should relay the dhcp broadcasts to the dhcp server in order to achieve the desired result. but this is not going to happen, because the pix has no relay-agent functionality. according to another posting this should be available in 6.3. not earlier.

my suggestion: place a second dhcp-server between 2651 and pix, which will be able to respond to the remote client requests or configure the 2651 itself to do so.

117
Views
0
Helpful
2
Replies