10-19-2014 12:44 PM
Hi there,
I'm trying to ascertain how big a DHCP scope I can run on a ASA 5545-X firewall. Currently we have a /24 scope on our firewall servicing our Guest interface(internet access only). There is a need to increase this, but the ASA's dont handle anything bigger then a 24 subnet.
I was looking at implementing /22 scope. Our company is looking at upgrading all the firewalls as well, and im steering towards the ASA 5545-X possibly.
Sorry for the noob question - I have tried looking on the Cisco website but the info that I seek seems limited.
Thanks for your time!
Solved! Go to Solution.
10-20-2014 09:31 AM
Hello.
Yes, you can have up to 256 address for your DHCP pool and you can only configure one DHCP server. What Firewalls are you currently using, by the way?
Let me know if you have additional concerns or e-mail (adawa@cisco.com) me directly. Kind regards.
10-19-2014 02:15 PM
To add to this,
I came across this a few days ago, But dont know whether it applies to the new NG series ASA's?
It states that ALL ASA's are limited to 256 addresses for a single DHCP scope on an interface on the firewall.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/basic_dhcp.html#98392
Could someone please clarify?
10-20-2014 09:31 AM
Hello.
Yes, you can have up to 256 address for your DHCP pool and you can only configure one DHCP server. What Firewalls are you currently using, by the way?
Let me know if you have additional concerns or e-mail (adawa@cisco.com) me directly. Kind regards.
10-20-2014 10:55 AM
Thanks for the reply.
Currently we have a few ASA's, but the asa in question is a 5540, which I already know, is limited to only 256 addresses.
I assumed maybe the NG ASA's would manage a bigger scope thats all - Could you please clarify this point?
12-12-2014 08:01 AM
Hello again, HybridTheorynz.
Usually you need to use multiple interface on your ASA (with unlimited users) to support more than 256 DHCP. Let me look into more reference information.
Can you send me an e-mail @ adawa@cisco.com so I can easily send you more reference information?
Kind regards.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: