Hi, I have a VPN concentrator in production and one in a lab running code: Version 4.7.2.L Jun 11 2007. Both are set up to use DHCP for remote VPN clients (software VPN). The problem is Cisco VPN clients don't pick up an IP address from the DHCP servers. The DHCP servers tested are a Cisco router and TFTPd32 server. With both of these I get the same error message:
63 11/06/2008 09:50:03.140 SEV=3 DHCPDBG/39 RPT=4
DHCP discover timeout: no response from polled servers
From the DHCP server (TFTPd32) I could get the following logged messages:
Rcvd DHCP Discover Msg for IP 0.0.0.0, Mac 00:03:A0:8A:36:88 [06/11 11:00:50.131]
If you check both DHCP and Address Pools under Configuration --> System --> Address Management --> Assignment --> the concentrator will read those options in order, top to bottom, and use the one it finds
a match with first. So if you specify DHCP and your DHCP server is active it will always
assign addresses via DHCP because that is the first match. It will never look at the
pools you've assigned.
Please let me know if you have a different set up.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...