Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
489
Views
0
Helpful
1
Replies

Setting up CSPM to allow dhcp requests to an external server?

j-sills
Level 1
Level 1

‎12-03-2001 02:04 PM - edited ‎03-08-2019 09:19 PM

I have several 2600 series routers with the Cisco integrated software (firewall IOS) and am beginning to implement CSPM with my PIX's and IOS routers. My DNCP servers are located on the serial side of the interface, and the lan is located on an ethernet address. While I have used CSPM to allow traffic from the LAN subnets to the DHCP server, the router drops all requests it is seeing incoming to the router from the lan, to all 0's and al 1' (0.0.0.0 255.255.255.255) and therefore dropping the dhcp process (due to CSPM access-list).I have the helper address setup correctly on the router (DHCP to an external server works fine before implementing CSPM). Can anyone tell me how to structure the ruleset to allow dhcp to use the helper address and get an IP from an external server?

Thanks, Jon Sills

WAN Security Ststem

State of Tennessee

Labels:
0 Helpful
1 Reply 1

r-simpson
Level 3
Level 3

‎12-10-2001 06:40 AM

You won’t get DHCP through your PIX and I don’t think CBAC (IOS Firewall) will allow it either. You’ll likely need another DHCP server inside or re-think the topology a bit.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents