03-17-2006 11:10 AM - edited 03-03-2019 02:20 AM
My 831 router aquires its address from comast via DHCP. I have applied an access list to the ethernet port it resides on. I am trying to figure out what I need to put in the access-list to allow comcasts DHCP server to contact my ethernet port.
I have used the following...
access-list 151 permit udp any any eq 67 log
access-list 151 permit udp any host 255.255.255.255 eq 67 log
access-list 151 deny ip any any log
They don't seem to work.
Thanks for any help!
Solved! Go to Solution.
03-20-2006 04:51 PM
the DHCP client begins broadcasting requests for configuration information. By default, these requests are on UDP port 68.
The server replies on UDP 67
So, actually the configuration for the ACL depends on the direction you are applying it.
Just dont forget about the client broadcasting on port 68 to get to the dhcp server.
HTH
Vlad
03-19-2006 11:17 AM
HI, Although you have enabled the UDP on port eq 67, you are denying any IP traffic on the ethernet interface. SO although you are letting the router aquire the IP address, all IP traffic is getting denyed. Hence your router shall not respond to any IP traffic. I am sure, you see the drops on your debug.
Please apply access-list 151 permit ip any any. And it should start working.
HTH.
03-20-2006 04:51 PM
the DHCP client begins broadcasting requests for configuration information. By default, these requests are on UDP port 68.
The server replies on UDP 67
So, actually the configuration for the ACL depends on the direction you are applying it.
Just dont forget about the client broadcasting on port 68 to get to the dhcp server.
HTH
Vlad
03-20-2006 08:04 PM
access-list 151 permit udp any any eq 67 log
Ok, this is the only thing I need in the access list since its the inbound access list on the Dialer interface, I am allowing all outbound traffic. Is there a specific command to make sure that the Dialer interface can broadcast UDP packets out of port 68?
Thanks a million for your help/
03-21-2006 01:27 PM
What kind of connection do you have?
I guess this would depend on the dialer-list you have set.
I think you need it in order to make the calls , right?
I'm not very familiared with dialer stuff configuration, but could you give us more information about the topology/configs that you have?
Vlad
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: