Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPsec VPN DCHP issue

Hi

I have ASA5540 configured as an IPSec termination point for VPN clients with addresses being allocated by an external DHCP server.

The Clients pick up IP address but are not recieving other attributes such as WINS, DNS and a domain. I know the DCHP server is responding to the requests as I have captured the traffic.

Any ideas what is causing this ?

Cheers

2 REPLIES
Cisco Employee

Re: IPsec VPN DCHP issue

Stephen,

If you are assigning IP Address to the VPN Clients via a DHCP Server, the only information that is passed on from the ASA to the VPN Client is the IP Address.

Information such as WINS, DNS, should be configured under the VPN Group the user is connecting to.

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **

New Member

Re: IPsec VPN DCHP issue

Stephen,

I am having similar problems, can you send me a capture of traffic going to and from your ASA to you DHCP server and back again. I am getting the following:

200: 12:39:19.190007 10.12.4.35 > 172.29.231.242: icmp: echo request

201: 12:39:22.109964 172.29.5.1.68 > 10.12.4.35.67: udp 548

202: 12:39:26.110025 172.29.5.1.68 > 10.12.4.35.67: udp 548

203: 12:39:31.110116 172.29.5.1.68 > 10.12.4.35.67: udp 548

204: 12:41:28.289902 172.29.5.1.68 > 10.12.4.35.67: udp 548

I think I am missing the DHCP server sending the info back to the ASA....

Cheers

Rick

123
Views
0
Helpful
2
Replies