DHCP Relay/Proxy on Private Interfaces of VPN 3000 Concentrator
I am looking for a solution to provide a Lan-2-Lan VPN Solution using 3000 Concentrator with one centraly managed DHCP Server for all Clients in the network. I though to a proxy function on the concentrator 3.6.1 Release, but unfortunatly this works only for outside Clients requesting a DHCP Address.
Anybody knows anything about a solution? (It's no se hard to implement I think: Like ip helpers an Routers, take a request and form a unicast to send it afterwards through the IPSec Tunnel)
Re: DHCP Relay/Proxy on Private Interfaces of VPN 3000 Concentra
The solution to the issue would lie in using a Router with the 'ip helper-address' command configured on it, so that the DHCP broadcasts are forwarded to the DHCP server.The DHCP requests which are broadcasts are not sent through the tunnel.
I have checked the documentation but haven't found any configurationon the concentrator to implement the ip helper-address functionality, so the Router would be the only choice.
The option for DHCP (Configuration, System, Address Management, and Assignment) is available for VPN Clients connecting to the Public Interface and requiring access to the private network. The Internal users would not be able to use this option.
Here's the doc on configuring the DHCP relay feature on the VPN 3000 concentrator.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :