Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
495
Views
0
Helpful
2
Replies

IPsec VPN DCHP issue

stephen_baugh
Level 1
Level 1

‎11-01-2006 07:48 AM - edited ‎02-21-2020 02:41 PM

Hi

I have ASA5540 configured as an IPSec termination point for VPN clients with addresses being allocated by an external DHCP server.

The Clients pick up IP address but are not recieving other attributes such as WINS, DNS and a domain. I know the DCHP server is responding to the requests as I have captured the traffic.

Any ideas what is causing this ?

Cheers

Labels:
0 Helpful
2 Replies 2

ajagadee
Cisco Employee
Cisco Employee

‎11-01-2006 11:59 AM

Stephen,

If you are assigning IP Address to the VPN Clients via a DHCP Server, the only information that is passed on from the ASA to the VPN Client is the IP Address.

Information such as WINS, DNS, should be configured under the VPN Group the user is connecting to.

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **

0 Helpful

r-frank
Level 1
Level 1

‎05-30-2007 11:16 PM

Stephen,

I am having similar problems, can you send me a capture of traffic going to and from your ASA to you DHCP server and back again. I am getting the following:

200: 12:39:19.190007 10.12.4.35 > 172.29.231.242: icmp: echo request

201: 12:39:22.109964 172.29.5.1.68 > 10.12.4.35.67: udp 548

202: 12:39:26.110025 172.29.5.1.68 > 10.12.4.35.67: udp 548

203: 12:39:31.110116 172.29.5.1.68 > 10.12.4.35.67: udp 548

204: 12:41:28.289902 172.29.5.1.68 > 10.12.4.35.67: udp 548

I think I am missing the DHCP server sending the info back to the ASA....

Cheers

Rick

0 Helpful
Customers Also Viewed These Support Documents