DHCP problems...

lpickard · ‎02-24-2002

Recently our ISP switched our plan from a statically assigned IP to DHCP (that renews the same address). I'm not a CCNA, but the PIX 506 we have was relatively easy to setup. Now that the outside address has to be grabbed from DHCP I'm having problems.

First of all, try the following command

>ip address outside dhcp

And I get:

..................

DHCP command failed

Do I have to clear everything and start over? If so, when setting it back up should the above command work? What are the steps?

I've contacted the ISP and they said that they could see the DSL modem. I also asked them why the PIX was having problems and they said 'Contact your vendor'.

If anyone would like to help me please reply here or email me at luke_pickard@hotmail.com

lpickard · ‎02-25-2002

Ok, more info on the situation.

Turns out that the ISP didn't do something right at their wire center and have basically been telling me to figure it out myself for the past week.

Now the problem is that what do I enter for the NAT, GLOBAL, and ROUTE commands? I just nuked them two seconds ago (finally got my outside ip about 15 minutes ago) so I'm in the process of rebuilding the PIX.

Here's the blank slate I'm working with:

PIX Version 5.2(5)

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password xxxxxx encrypted

passwd xxxxxx encrypted

hostname Morinville

fixup protocol ftp 21

fixup protocol http 80

fixup protocol h323 1720

fixup protocol rsh 514

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol sip 5060

names

pager lines 24

logging on

no logging timestamp

no logging standby

no logging console

no logging monitor

no logging buffered

no logging trap

no logging history

logging facility 20

logging queue 512

interface ethernet0 10baset

interface ethernet1 10baset

mtu outside 1500

mtu inside 1500

ip address outside dhcp

ip address inside 192.168.10.202 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si

p 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

no sysopt route dnat

isakmp identity hostname

telnet 192.168.10.0 255.255.255.0 inside

telnet timeout 5

ssh timeout 5

terminal width 80

Cryptochecksum:xxxxxx

: end

[OK]

Basically, everything is gone except the ip addresses and telnet.

Any help would be appreciated. I know this is a simple problem but I know virtually nothing about Cisco equipment and last time I did anything with Cisco was when I set this PIX up over half a year ago.

The Default route has been set for the computers on the inside network and now I just need to know what to change on the pix to get it working. If anyone needs the outside ip, masks, or isp gateway I can post those as well.

Thanks

lpickard · ‎02-25-2002

All figured out! Easier than I thought.

d.mcarthur · ‎04-24-2002

I'm a little too late to help I'm glad you figured it out. Remember when troubleshoooting to start simple and go to complex. Think of your job as proving that you are in the right and they are wrong. DSL sometimes goes down because of a variety of issues from line quality to CO equipment. To check DSL first connect it directly to your macine ask your ISP what the configuration is supposed to be before hand. One moore peice of advice never sound frustrated or get upset with a tech you'll be down a lot longer.