cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
648
Views
0
Helpful
7
Replies

dhcp server for pix

rpalacio
Level 1
Level 1

dhcp server----pix-----dhcp clients

is it possible to have a dhcp server machine located on say the inside interface and the dhcp clients are on the dmz?

thanks

1 Accepted Solution

Accepted Solutions

a feature named dhcprelay should resolve your issue. i've done the opposite, i.e. the dhcp server on the outside and the client on the inside. nonetheless, i guess the command "dhcprelay" should do.

e.g.

dhcprelay server 192.168.2.2 inside

dhcprelay enable dmz

View solution in original post

7 Replies 7

s.elmrabet
Level 1
Level 1

Hi Palacio

You cannot do this because the inside interface and the DMZ are on different broadcast domai!! you can use the pix as dhcp server on the DMZ interface but I don't know you architecture or you need.

Best Regards

what i was planning is putting a static command

static (inside, dmz) 192.168.2.2 192.168.1.2

where 192.168.1.2 is the dhcp server in the inside

and 192.168.2.2 is the ip address traslation to the dmz.

i understand that dhcp queery is on broadcast, and by this rule if my users on the dmz are doing this queery, isnt it 192.168.2.2 will catch that traffic and forward it to the dhcp server coz it was map into it by our static command?

No the pix act on layer 3 and above dhcp (boadcast) is layer 2, and when using access-list you specify IP, TCP or UDP you cannot specifie DHCP!!!

My question is why you need DHCP if you use the pix as dhcp server dose it solve your problem?

Regards

customer dont want to put the dhcp burden on the pix. hence he has a dedecated dhcp machine

the way i posted is to relay the dhcp request. i.e. when pix receives the dhcp request broadcast from dmz interface, it will then relay the request to the pix inside interface dhcp server. in other words, pix doesn't act as a dhcp server, but a dhcp relay agent.

a feature named dhcprelay should resolve your issue. i've done the opposite, i.e. the dhcp server on the outside and the client on the inside. nonetheless, i guess the command "dhcprelay" should do.

e.g.

dhcprelay server 192.168.2.2 inside

dhcprelay enable dmz

great answer..ive tried both directions and its ok..

thanks a lot.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: