Cisco Support Community
Community Member

VPN Concentrator & DHCP Server

Dear all

my vpn concentrator is not able to give ip to remote access vpn client. concentrator is acting

as dhcp rely agent. Concentrator priviate interface is connected with a pix firewall dmz who is

also acting as dhcp rely for some other networks in its dmz.

concentrator is able to ping dhcp and all the connectivity is okay.

i m getting following errors while client tries to connect with concentrator.\

1033 01/13/2008 16:48:33.780 SEV=9 DHCPDBG/29 RPT=5452

DHCP poll timeouts routine entered

1034 01/13/2008 16:48:33.780 SEV=9 DHCPDBG/30 RPT=5452

DHCP poll stats: callbacks 0, active CBs 0, total CBs 1

1035 01/13/2008 16:48:34.670 SEV=9 DHCPDBG/15 RPT=44

DHCP task: Timeout type 0, msg 0x7049db8

1036 01/13/2008 16:48:34.670 SEV=8 DHCPDBG/36 RPT=30

DHCP no response to DISCOVER sent to (xid 3684789027)

1037 01/13/2008 16:48:34.670 SEV=7 DHCPDBG/40 RPT=30

DHCP attempt to get next server failed (xid 3684789027)

1038 01/13/2008 16:48:34.670 SEV=9 DHCPDBG/28 RPT=194

DHCP restart servers routine entered

1039 01/13/2008 16:48:34.670 SEV=9 DHCPDBG/38 RPT=45

DHCP obtained first server port 67 (xid 3684789027)

1040 01/13/2008 16:48:34.670 SEV=8 DHCPDBG/46 RPT=45

DHCP sending DISCOVER to server port 67 (xid 3684789027)

kindly help me out. I cant disable dhcp rely on pix bcz other subnet will suffer.

my dhcp server is working fine and assigning ip to rest of all my network.

please help me out.

dhcp server address is

pix dmz ip


static (inside,edn) netmask

access-list nonat extended permit ip

access-list nonat extended permit ip

access-list nonat extended permit ip

access-list nonat extended permit ip

nat (inside) 0 access-list nonat

dhcp filter is applied on concentrator public interface. DHCP rely is enable.


Re: VPN Concentrator & DHCP Server

Make sure that the DHCP server is mentioned in the concentrator. Check if all of the following steps are accomplished

Under Configuration | System | Servers | DHCP make sure that the server is set , Under: Configuration | System | IP Routing | DHCPthat DHCP is enabled and under: Configuration | System | Address Management | Assignment Use DHCP is checked.

Community Member

Re: VPN Concentrator & DHCP Server


thanks for the reply. Everything is configured. This is a bug in 7.2(3)8. It few times works or few times not. I have contact with cisco tac and they told me about this. they are working on it.

CreatePlease to create content