Question : DHCP Relay on Pix 501

Hi,

I have a vpn setup between my main office (site A) and a remote location (site B). My DHCP server (win 2003) is located at my main site behind a Pix 515. I am trying to enable DHCP relay so my clients at site B can obtain IP's. My vpn tunnel is up and working fine, I am able to ping static IP's at both locations.

Every time I make a DHCP request from site B, I see the following log on my pix at site B :

UDP request discarded from 0.0.0.0/68 to inside:255.255.255.255/bootps

So I guess my dhcp request never goes through.

On my Pix at site B, I have enabled DHCP Relay on the outside interface.

dhcpd dns XXX.XXX.XXX.66 XXX.XXX.XXX.7
dhcpd lease 3600
dhcpd ping_timeout 750
dhcprelay server XXX.XXX.2.10 outside

What should I add to let my dhcp requests go through?

Answer : DHCP Relay on Pix 501

Your DHCP requests are not getting through the VPN tunnel because their source IP is 0.0.0.0 and does not match any crypto match acl.
Personal opinion here, but I'd much rather simply let the remote PIX be the remote site's DHCP server instead of trying to relay it through the VPN tunnel.
If you could get it to work through the vpn, and the vpn was down then nobody will get an IP address and the whole site will be down just because the vpn tunnel is down..

Random Solutions

display a message on a cisco 7960 phone

Cannot surf while connected to Cisco Remote access VPN

Set tomcat home

Block (Azureus & bitcomet) From your network

CME incoming external call problem

IBM Java & WebSphere - How Demaded is this Field?

i need help for weblogic server 10 on linux.

VLAN operation using HP Procurve 2524 switches

domain is not available