Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
303
Views
0
Helpful
2
Replies

DHCP via IPSec VPN

Bernard Magny
Level 1
Level 1

‎02-25-2004 03:10 AM - edited ‎02-21-2020 01:03 PM

I have a 3725 router as the end of the IPSec VPN and an 827 for the client end. Both with 12.3(6) IOS.

I established a IPSec VPN, and everything seems fine, I can use most application via the VPN like web, mail, ect...

I would like to use a DHCP server on the protected network end (the 3725 end) to assign address to host connected via the 827 router. I don't seem to get this working yet, even with the ip helper-address command. Can some one help me with this problem?

My config files can be made available.

Thanks

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎02-25-2004 05:22 PM

You'll need the "ip helper-address" on the inside interface of the 827. Your crypto access-list on the 827 will have to then include a line that has:

access-list 100 permit ip host <827 outside IP address> host

and on your 3725 you'll need the opposite ACL. The DHCP request forwarded by the 827 will have it's outside IP address as the source address, so this needs to be included in the packets that both routers will encrypt.

0 Helpful

Bernard Magny
Level 1
Level 1
In response to gfullage

‎02-25-2004 11:40 PM

On the inside interface of the 827, the "ip helper-address" command to I put the subnat address of the DHCP or the host address like on the access-list?

0 Helpful
Customers Also Viewed These Support Documents