I'm trying to get dhcprelay

to work, forwarding from an

inside i/f to a dhcp server beyond the outside i/f.

This works fine when the inside i/f is an access link, e.g. untagged to the next level switch.

When I convert the inside i/f

to a virtual i/f via vlan tagging, the dhcprelay quits working.

A packet capture on the outside i/f shows the request being forwarded, and the reply coming

back. However a capture on the virtual inside i/f never shows the reply packets from the dhcp

server.

This is on a PIX515 running 6.3(4). Here are the pertinent config lines. Any ideas appreciated, I don't want to have to put an additional card into the box if I can avoid it.

thanks,

Peter

interface ethernet1 vlan4000 physical

interface ethernet1 vlan812 logical

nameif ethernet1 tos-trunk security98

nameif vlan812 wlanguest security99

ip address wlanguest X.X.X.X 255.255.248.0

no failover ip address wlanguest

nat (wlanguest) 0 X.X.X.0 255.255.248.0 0 0

static (wlanguest,outside) X.X.X.0 X.X.X.0 netmask 255.255.248.0 0 0

access-group acl_in in interface wlanguest

dhcprelay server Y.Y.Y.Y outside

dhcprelay enable wlanguest