Re: DHCP and two PIX Interfaces

apaxson · ‎09-10-2002

Would I be able to pass DHCP through two different interfaces on the PIX? Basically, I would like to have my DHCP on the inside interface, to still hand out addresses on my DMZ interface. I realize that it would be more prudent to have another DHCP server residing on the DMZ, but for right now, I just want my internal DHCP hand out the addresses on my DMZ.

I know for normal IOS, I would just use the ip-helper address command. Is there something similar to that for the PIX?

mklaphek · ‎09-11-2002

Hi. I believe that the PIX dhcpd command would work. You would not be able to go to your inside DHCP server, but you would have DHCP functionality on the PIX itself. I've never used this command, so someone please tell me if I'm wrong.

There are restrictions, so please read the docs.

steve.barlow · ‎09-11-2002

DHCP server can only be run on the inside interface, dhcp client only on the outside. The pix also doesn't allow broadcasts through (directed broadcasts - eg destination 10.10.255.255 - yes but not destination 255.255.255.255).

I don't think this is possible, and probably for good reasons.

Steve

steve.barlow · ‎09-11-2002

As a follow up, you could put a router or layer 3 switch (eg 2948G-L3) inbetween the dmz and pix, and use the ip helper-address (makes the broadcast a unicast).

Hope it helps.

Steve