09-20-2007 04:52 AM - edited 02-21-2020 01:41 AM
Hi all,
I have an ASA5510 which serves as an DHCP relay for L2TP/IPSec VPN Clients. The VPN clients connect to a CVPN3005 concentrator on one off the dmz segments on the ASA. The concentrator then does a DHCP request for the client to an DHCP server on the inside network.
The problem is: I get an IP address but none of the DHCP options (classless routes, DNS servers, domainname).
I had the same configuration with running with a PIX515 and all worked well.
Can anyone tell me what the problem is?
Regards, Frank
09-26-2007 08:52 AM
Check if you have configured the commands properly and have enabled the command "vpn-addr-assign dhcp" in ASA, which is disabled by default. Following link may help you regarding DHCP addressing for Clients
http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/vpnadd.html
09-27-2007 12:03 AM
Thanx for the reply!
However in our config the ASA only acts as a DHCP relay. It passes DHCP requests from the CVPN3005 on a DMZ interface to a DHCP server on the inside network.
The vpn-addr-assign command is, as far as I know, only used when client VPN's are terminated on the ASA itself which is not the case here. Remember: I get an DHCP address but not the, in the scope specified, DHCP options.
Could it be that I have to set 'dhcpd auto_config'? Is this a global DHCP option which is used by 'dhcpd' as well as 'dhcprelay'?
regards, Frank
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: