PIX 501 VPN, Microsoft DHCP scope problem?

julianunderwood · ‎04-30-2006

Hi forum, I apologize if this is a bit off topic. I have a VPN established between two PIX 501 devices. The offsite location is a only two machines (backup servers). The onsite office is a small network which has a MS 2003 server issuing DHCP with a small scope of .50-.90. The problem I am having is as follows:

I can access any machines WITHIN the scope without any problem from the remote location. However, any machines OUTSIDE of the scope (such as the server which is .22) I can't ping or access in any regard. The reverse is true also: any machine in the scope can access the offsite machine, but machines outside the scope cannot.

This problem has to be related to MS DHCP somehow, but I am not sure where to begin? (other than putting machines inside the scope and see it magically become accessable). Thanks for any suggestions,

Julian

smahbub · ‎05-06-2006

Configurable giaddr for Group-Based DHCP. This feature lets an administrator define a network address on a group basis to be used in DHCP proxy address assignments. To use this feature, DHCP proxy must be enabled on the VPN 3000 Series Concentrator. The administrator enters a network address without a subnet mask under group and user configuration. This address indicates to the DHCP server the scope (that is, the range of available IP addresses on the DHCP server) within which to assign the address

Fernando_Meza · ‎05-06-2006

Hi .. have you double check the access-list that defines the interesting traffic .. perhaps you are allowing to/from the addresses on the DHCP scope only.

I hope it helps ... please rate it if it does !!!