If you have site to site VPN between the 2 sites, you would need to configure the dhcprelay server on the inside interface so the dhcp unicast request can be sourced from the inside interface as the crypto ACL is normally defined between local LAN and remote LAN.
You would need to configure the following:
dhcprelay server 10.25.4.15 inside
dhcprelay enable inside
dhcprelay setroute inside
Also, you want to make sure that the ASA is not configured as a DHCP server itself, as DHCP server feature and DHCP relay feature can't co-exist.
Here are a couple more restriction on DHCP relay feature on ASA for your reference:
I'm trying a similar config (site to site between two 5510, remote site should pull DHCP addresses from head office) but cannot issue the commands listed as the ASA won't configure the relay components like that. Have I missed something incredibly obvious?
If I try to create the server group and then enable relaying: Stratfw(config)# sh ru | grep dhcprelay dhcprelay server 192.168.1.51 inside dhcprelay setroute inside dhcprelay timeout 60 Stratfw(config)# dhcprelay enable inside DHCP: There is a DHCP Server '192.168.1.51' configured on interface 'inside'! DHCP Relay cannot receive DHCP requests and forward them on the same interface.
Or if I try to enable relaying and then the server group:
Stratfw(config)# sh ru | grep dhcprelay
dhcprelay enable inside dhcprelay setroute inside Stratfw(config)# dhcprelay server 192.168.1.51 inside DHCP: DHCP RELAY SERVER is already enabled on interface 'inside'! DHCPRA cannot receive DHCP requests and forward them to a server on the same interface. DHCP: Interface 'inside' is currently configured as RELAY SERVER and cannot be changed to a RELAY by a RELAY feature
Hello gregbeifuss, I just came across your post regarding the error you get when trying to enable dchprelay on the INSIDE port. I am having the same issue with an ASA 5505 and I was wondering if you found a solution to you problem that you can share? It's driving me nuts and I can't seem to find any solutions to this issue. Any help is appreciated! Thanks, Marv
dhcprelay server 192.168.1.100 LAN dhcprelay setroute LAN dhcprelay enable LAN
DHCP: There is a DHCP Server '192.168.1.100' configured on interface 'LAN'! DHCP Relay cannot receive DHCP requests and forward them on the same interface.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...