Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RVL200 DHCP option 66 or DHCP relay

There is any possibility to setup TFTP server Name (DHCP option 66) on the RVL200 DHCP server or to setup DHCP relay - forwarding let's say via the IPsec tunnel to a configured DHCP server ?

Everyone's tags (3)
3 REPLIES
Cisco Employee

Re: RVL200 DHCP option 66 or DHCP relay

not near a RVL currently but you should be able to create a firewall rule to allow DHCP accross the tunnel. i do not beleive the RVL has a DHCP realy option, but you should be able to get around that via the firewall rule... OH, no the DHCP server built into the small business routers are just simple and no options can be defined for a scope.

New Member

Re: RVL200 DHCP option 66 or DHCP relay

Do You think  that the DHCP request can be "forwarded" using firewall rules via the IPSEC VPN tunnel ? If Yes the how ? This should be something like dhcp relay (IP helper in Cisco terms)

Cisco Employee

Re: RVL200 DHCP option 66 or DHCP relay

I see what you mean but we are not using the DHCP protocol in any way so I dont think it would be accurate to say it is similar to DHCP relay or  IP helper. Because we are allowing the broadcast packet and will be sent as such not as an unicast as with relay.  All we are going to do is define what interesting traffic is allowed to pass and what is not.

For example:

Single DHCP server with Multiple scopes:

local scope: 172.16.20.0 ==> .20 - .100 (80 addresses)

remote scope: 172.18.20.0 ==> same as above (just for clarification, the GW defined in this scope would be the LAN IP of the remote gateway router)

Rule:

allow port 67 and 68 UDP from to 172.18.20.0 subnet

allow port 53 UDP from to 172.18.20.0 subnet

for TFTP you should not have to create a rule as the client would technically be on the LAN at that point.

and then the reverse for the remote site. if you cant set this please post a screenshot of the access rule web page for the router.

1514
Views
0
Helpful
3
Replies
CreatePlease login to create content