Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA VPN DHCP parameters

I'm doing a vpn with a configuration like this one:


tunnel-group VPN_IL general-attributes


Problem is that I do get my IP address from the corporate DHCP server (even if I have to cross the entire WAN) but all the other information are not pass to the PC. ie DNS values, WINS values, domain none of those info seems to be pass. According to a capture those are push by the DHCP server but somehow the ASA is not relaying that to the PC.

I did change the inherit value in ASDM and this seems to work at least for the domain and DNS values.

Can someone explain the process from the PC requesting and IP address and the ASA doing the actual request to main DHCP server. Is there particular option that need to be set on the DHCP since the PC is not directly issuing the request.

And what is the difference between that process and the DHCP and DHCP relay feature in the ASA.

Cisco Employee

Re: ASA VPN DHCP parameters

This is expected behaviour. The ASA will only use a DHCP server for assigning an IP address to the client, and will therefore ignore all other information sent from the DHCP server. If you want to assign DNS/WINS/etc parameters to the VPN client then you do this via commands under the specific group-policy:

group-policy examplepolicy internal

group-policy examplepolicy attributes



   default-domain value

See for all the parameters you can define.