I have several 2600 series routers with the Cisco integrated software (firewall IOS) and am beginning to implement CSPM with my PIX's and IOS routers. My DNCP servers are located on the serial side of the interface, and the lan is located on an ethernet address. While I have used CSPM to allow traffic from the LAN subnets to the DHCP server, the router drops all requests it is seeing incoming to the router from the lan, to all 0's and al 1' (0.0.0.0 255.255.255.255) and therefore dropping the dhcp process (due to CSPM access-list).I have the helper address setup correctly on the router (DHCP to an external server works fine before implementing CSPM). Can anyone tell me how to structure the ruleset to allow dhcp to use the helper address and get an IP from an external server?
Thanks, Jon Sills
WAN Security Ststem
State of Tennessee