Cisco Switching/Routing :: 819 Router - NAT With DHCP
May 12, 2013
I am a newbie to Cisco. I am trying to setup NAT with DHCP in our office on CISCO 819 router. I am having a problem with DHCP not assigning an IP on vlan1. I cannot figure out what i'm doing wrong. Below is my config and debug from DHCP.
router#sh config
Using 4328 out of 262136 bytes
!
! Last configuration change at 05:56:39 UTC Mon May 13 2013 by cisco
! NVRAM config last updated at 05:57:16 UTC Mon May 13 2013 by cisco
[Code]....
View 3 Replies
ADVERTISEMENT
Apr 3, 2012
Have a client wanting to hand out public ip addresses to all clients from a PFSense Firewall terminating the internet connection.
How do I allow the Cisco Switches currently in place, configured with private ip addresses in the 10.10.x.x ranges and Vlans, where the main 3550 layer 3 has defined dhcp scopes for each vlan, to relay dhcp requests from all vlans to the PFSense firewall?
I assume I would take off the currently defined dhcp scopes for the vlans and configure each vlan/switch with the ip helper address and specify the PFSense firewall and that Nat would have to be disabled onthe firewall?
View 1 Replies
View Related
Nov 11, 2012
I have some DHCP trouble since I subnetted my network with a 2921. My clinets are in 172.16.2.0/23 and DHCP servers are in 172.16.5.0/24.Sometimes, randomly I guess, I get NACK from my DHCP server, and if I look into DHCP logs I got something like this:
15,11/09/12,09:52:27,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:28,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:29,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
[code]....
View 6 Replies
View Related
Jan 2, 2013
I have setup a 4500 series core/router.. the customer decided to run dhcp off the router for whatever reason... I have 20 different scopes handing out to their vlans. Does each vlan interface need an helper address?
vlan 1 on router is 10.85.0.1
i used the ip dhcp-server command pointed to 10.85.0.1
and then for ex.
int vlan 20
ip add 10.85.20.1 255.255.248.0
ip helper-address 10.85.0.1
i am now getting a loopback error on the router, and i believe this is the cause...
View 2 Replies
View Related
Nov 18, 2012
in my simple network setup, I cannot resolve DNS queries from inside my NATted network. On the router I can ping both IP-addresses and names. Ping from the local machine works for IP-Adresses but not for names. When doing nslookup, addresses are not found and a SERVFAIL message is returned. I use a Cisco ISR 861 Router to connect our local LAN to the Internet (The WAN of the 861 is connected to another DHCP/NAT-Router, which in turn connects to the ISP-Modem). Addresses in the local LAN are DHCP-distributed, the DNS-Servers from my ISP are configured on the Router and the DNS-Information is distributed correctly to my local LAN machines (as I can verify by doing nslookup on Linux).
View 21 Replies
View Related
Jul 9, 2012
Is it possible to configure an 881 router to act as a DHCP server to 4 VLAN's each with a different scopes all through a single ethernet interface?
View 2 Replies
View Related
May 1, 2012
I am going to get some wyse thin clients up and running on our departments. Each department communicate with the main-office through Cisco C1812 routers.
In order to get functionally DHCP up and running, I need to
A - Configure some Dhcp options on the C1812 routers
B - Perform a DHCP relay from each department to the main-office
Option B will cause some additional issues, so is not preferred.
The question is: Does the Cisco DHCP-client have an option for configuring DHCP options? I need to put in among others, an option 161, a string value pointing to a ftp-server. Can this be done? And if it can, what is the right syntax
I have recently started working here, therefore I am not certain of the IOS-version on the router, as I still not have the logon-information, but I will aqquire this shortly.
View 4 Replies
View Related
May 2, 2012
i'm interested if it's possible to set the NTP server via DHCP on an 2901 Router with 15.2(2) image.
i configured the interface gigabit 0/0 as dhcp client. The DHCP Server sends to me DNS, Default GW and NTP. All is working fine, but the NTP will not be configured. i tried to add an DHCP option request, but there is no NTP (42) value. [code]
is there any way to add the value NTP (42) for the DHCP request or isnt it possible?
View 4 Replies
View Related
Jul 23, 2012
I have a cisco 3560 24PS and its connected to two ADSL broard band routers.one is a personal broadband line using a Billion ADSL broadband router, and the other is a business broardband line using BT's 2wire broadband line.on the Billion routers i have various things attached like a NAS and a printers, both wired connections. then i have laptops and phones that connect over wifi, so its configured to act as a DHCP server
the only thing conncted to my 2wire router is my company's laptop (wired or wifi depending on where i'm working from), so again i have it working as a dhcp server.The switch is configured with multiple vlans, with dhcp scopes assigned for each vlan.I have a static route pointing all traffic to my Billion ADSL for internet connectivity.
The problem i'm having is that when i turn on the cisco switch, all wifi conected devices loose their conection. only 2 things get it working again, a reboot of the router, or disabling then enabling the DHCP service on the router.upon further analysis i was able to find out that the devices were not able to pick up an address from the router. again i looked deeper into this and i can see the following on logs of my router: [code]
so it seems that the router tuns off its DHCP capabilities because it detects that my Cisco switch is running DHCP services. I need to figure out how to keep the billion routers DHCP running when ever the switch is turned on.is there a way of filtering out any DHCP chat from the switch to the router?
View 7 Replies
View Related
Jul 29, 2012
how can I show the DHCP-range of a router if I don't have privilege level? (not in enable-mode),I can do a "show ip dhcp pool" - this will show me the range which is configured with the network-command.But there are also some dhcp-exclude-addresses which I can't see.... (I did a test on a router with full privilege-access)I need this because I have a router with limited access from our provider.
View 0 Replies
View Related
Dec 11, 2012
I am running into a DHCP problem on a Cisco 891 running 15.0(1)M2. I am running DHCP on the router and want to reserve an address for a printer. I have done this hundreds of times on hundreds of routers. Per Cisco recommendation, I let the printer lease an address to see whether it uses it's "hardware-address" or "client-id". This printer uses the "hardware-address" format. The printer has leased 10.0.0.102 right off the bat. I want it at 10.0.0.50.
I have a DHCP pool, like this:
ip dhcp pool CLIENT
network 10.0.0.0 255.255.255.0
domain-name chsinc.ds
default-router 10.0.0.1
dns-server 10.0.0.1
lease 2
I create a "reservation" like so:
ip dhcp pool HP_LaserJet_Printer
host 10.0.0.50 255.255.255.0
hardware abcd.ef12.3456
Now I do a "show running-config" to see what I've put in and it looks just like above. Now we reset the network settings or change any network setting on the printer to force it to renew it's lease. What should happen and what usually happens is that the printer should request an IP, be offered 10.0.0.50, accept that IP and come up on that IP address. What is happening with this particular printer is that the printer requests a specific IP (the same IP that it had initially = 10.0.0.102), the router says OK and does not enforce the reservation. Then the router actually deletes the hardware-address config line right out of the running config. A "show running-config" shows that the reservation config now looks like this:
ip dhcp pool HP_LaserJet_Printer
host 10.0.0.50 255.255.255.0
See the logs below. Notice the ones in bold.
000226: Dec 12 17:34:01.382: DHCPD: Seeing if there is an internally specified pool class:
000227: Dec 12 17:34:01.382: DHCPD: htype 1 chaddr 101f.74b0.575c
000228: Dec 12 17:34:01.382: DHCPD: remote id 020a00000ae1e10100000001
000229: Dec 12 17:34:01.382: DHCPD: circuit id 00000000
[code]....
Is there a way to make the router enforce the reservation and not let clients just bring their own IP and actually make changes to the running-config of the router?
View 6 Replies
View Related
Jan 20, 2012
If it's possible, how do you protect/block a unauthorized DHCP SOHO router with NAT form a Cisco 3750?
View 16 Replies
View Related
Jan 30, 2011
I have a 3911 router with a 1242 AP. The problem that I have is that when the user is trying to connect, the user get the OS Ip address 169.254.168.154 and I see that when I do the "show dot11 association" command, but when I do sh ip dhcp binding on the router I see
172.19.9.141 0100.18de.74db.14 Jan 31 2011 11:14 AM Automatic
The router is seeing as if the router gave the ip address to the user, but the reality the user was assigne the OS ip address 169. I did "debug ip dhcp server events" and I got the following:
Jan 31 11:09:06.752 EST: DHCPD: Seeing if there is an internally specified pool class:Jan 31 11:09:06.756 EST: DHCPD: htype 1 chaddr 0100.18de.74db.14
Jan 31 11:09:06.756 EST: DHCPD: remote id 020a00000a58218400000000Jan 31
[Code].....
View 10 Replies
View Related
Apr 10, 2012
I am using DHCP/TFTP to autoconfigure a 3945 router. The router properly obtains an IP address and finds the correct TFTP server. The issue lies in the download of the configuration file from the TFTP server. The router downloads the file, gives the "Ok" message, and prompts you to press Return to get started. When I view the running-config, several commands are missing from the Serial 0/0/0 section (HWIC-2T). If I modify the config file on the TFTP server to use Serial 0/0/1 instead and repeat the process, the configuration file loads without any issues and Serial 0/0/1 has all of the commands.
I also tried moving syntax around in my config file, but the end result is still the same. If I use Serial0/0/0 - I don't get all of the commands. If I use Serial 0/0/1, I do.
View 1 Replies
View Related
Sep 3, 2012
We have a DHCP SERVER implemented in a cisco router 2610.This router is connected to a switch cisco 2960 configured as DHCP SNOOPING. At the switch appear the next log message: [code] The ip address: 10.100.200.1 belongs to DHCP SERVER configured at router cisco 2610. What to do so these log messages does not appear any more? Do I need to do some configuration changes at some switch or router?
View 11 Replies
View Related
Feb 12, 2013
I am configuring DHCP pool for voice vlan on cisco 2921 router.
Here is the setup.
2921 router -> 3750 -> 2960 PoE -> 7942 IP Phone
Router Config
ip dhcp excluded-address 10.146.54.1 10.146.89.50
!
ip dhcp pool VoiceVlan
network 10.146.54.0 255.255.255.0
subnet prefix-length 24
dns-server 10.144.68.32 10.144.68.33
option 150 ip 10.146.68.36
default-router 10.146.54.1
netbios-name-server 10.144.68.32 10.144.68.33
netbios-node-type h-node
[code]....
View 1 Replies
View Related
Mar 17, 2013
i have a simple router on a stick config which is providing dhcp to a customer SSID. however i don't want employees to stay on it and eat the band width since its open. the lease is set to an hour, is there anyway that i could set it so that once your lease expired it can't be renewed for 4 about 8 hours? I am using a cisco 2600 router in this setup.
View 1 Replies
View Related
Mar 12, 2013
I have this Cisco 1941 router with two Ethernet ports g0/0 and g0/1. The g0/0 is connected to office LAN with internet access. As my office LAN is DHCP, it will assigned a IP address for g0/0 since this g0/0 is configured as "ip address dhcp". Now my question is that i have a group of 5 pcs, namely PC1, PC2, PC3, PC4 and PC5 that is connected to the switch and one of the ports of this switch is connected to g0/1 of Cisco 1941. Is it possible that let say PC2 and PC3 (both DHCP enabled) could access the internet access from g0/0 and at the same time, the office LAN assigned IP address for PC2 and PC3 automatically?
Office Lan with internet access (DHCP) (Default gateway 10.0.0.1)
|
|
g0/0 (DHCP enable) (DHCP assigned IP address 10.0.0.138)
Cisco router 1941
g0/1
|
|
HP Switch
|
PC1 PC2 PC3 PC4 PC5
Is this operation possible? if possible, how to configure inside the router 1941 to achieve this objective?
View 8 Replies
View Related
Aug 10, 2011
I disconnected and reconnected the powercable while holding on to the setup button until system, alert, setup go amber. The system led light began blinking green. I waited until one of the leds lights on the ports starts blinking green I then connected the ethernet cable connected to my pc. I made sure my lan connection on my computer was set to dhcp.In the docs claim it should take about 1 minute to grab a new ip address. After a few minutes i check the ipconfig on my pc and I get the apipa address.The setup light on the switch remains green while system is amber. The led for port 1 stopped blinking and remains green.My pc is not grabbing an ip address I don't know what else to do.
View 7 Replies
View Related
Nov 30, 2011
We are looking to avoid the need to install an additional device in our network as our core 6509s are not being pushed by any stretch. However, we are having an issue getting the 6509 to assign DHCP addresses and perform NAT.
Most interfaces and V LAN's on the 6509 are using public IPs and have BGP routing at the edge. We have a trunk up link coming into the 6509 on a ws-6816 card via a SMF GBIC in slot 9, port 2 that feeds a wifi link where we are looking to provide guest access to our network.
We created 2 V LAN s on the switch 20 and 21. We assigned a private IP and network to the VLAN20 interface and assigned a new public /30 sub net ip to the V LAN 21 interface. The following configuration was applied which I thought was the required configuration based on how we would typically configure ISR routers for the same services...
ip dhcp excluded-address 10.200.200.1
!
ip dhcp pool WiFi_Pool
network 10.200.200.0 255.255.255.0
default-router 10.200.200.1
dns-server 4.2.2.1 4.2.2.2
[ code]...
What am I missing in this configuration? Note that if I create an access switch port for v LAN 20 on the switch and plug a laptop in directly to the 6509, the laptop is unable to receive a DHCP address. If I assign the laptop an address in the 10.200.200.0 /24 range manually, I can ping 10.200.200.1 from the laptop, however, the laptop will not get to the internet as it appears to be failing to perform nat.
View 7 Replies
View Related
Jan 15, 2013
I have this message "DHCP Timeout"on few cisco IP Phones .try to assign IP manually and it's working fine.. seems DHCP not giving IP's to those.. 6500 have configured as DHCP pool.
View 1 Replies
View Related
Nov 30, 2011
I am trying to get an understanding of some behaviour I am seeing on my N7Ks regarding DHCP relay.I have two identically configured Vlans interfaces both configured with the same two dhcp relay servers in the same order. The only difference between the two vlans is that one is HSRP active on the A side switch and the other is active on B side switch. All clients in Vlan136 (active on B side) are getting DHCP leases from the first of the two dhcp relay servers configured while all clients on Vlan 137 (active on A side) are getting DHCP leases from the second of the two dhcp relay servers. I would expect that all clients on both vlans would get leases from the first relay server configured unless that device was unavailable.
View 3 Replies
View Related
Sep 27, 2012
I have a problem at a place where 5 ME3400 switches are connected in a straight line. I can't do much about the topology of that place, but the problem is they are all DHCP Snooping, but uni cast replies from the dhcp server further up the hierarchy gets eaten by the first switch! I can't really see why it not only inspects in and whines about it not being for itself - it then drops the message.
What have we done wrong (apart from the actual layout of that place, which I can't really change)?
Sep 28 13:49:29: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/1)
Sep 28 13:49:29: DHCP_SNOOPING: process new DHCP packet, message type: DHCPOFFER, input interface: Gi0/1, MAC da: 7444.012d.debd, MAC sa: 0013.1a4a.65c7, IP da: XX.YY.186.7, IP sa: XX.YY.186.1, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: XX.YY.186.7, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 7444.012d.debd
Sep 28 13:49:29: DHCP_SNOOPING: binary dump of option 82, length: 20 data:
[Code] ......
It really should just send it on, as with any uni cast not on the switch itself - it should go out Gi0/2 really. Why isn't it?
[core] -- [sw1] -- [sw2] -- [sw3] -- [sw4] -- [sw5]
All the trunks are trusted, DAI is on (I've tried shutting it off, as well), port-security is used but it's actually not dying on the switch having the client computer, but the first one in the chain with dhcp snooping.
View 6 Replies
View Related
Jan 19, 2013
I have an 1841 running Advanced Enterprise Services 12.4(22)T3 that is functioning as a DHCP server and DNS server. What I am trying to figure out how to do is have the DNS service respond to queries about the clients of the dhcp service. I have successfully enabled it as a caching server for other requests, like "google.com" and "cisco.com", but what about the hosts on the local LAN?
As an example, let's say a Windows computer connects to the network with the hostname "computer" and receives an IP address from the 1841 with the domain name "test.net". I would like the 1841 to serve DNS queries for "computer.test.net" with the IP address that it assigned.
View 7 Replies
View Related
Jun 11, 2012
We are attempting to PXE boot from clients obtaining their DHCP lease information from DHCP pools configured on our 4506. The PXE server, and the client are configured in separate VLANs. We have configured option 66 to point to the PXE server IP address, and the bootfile option to point to the PXE boot configuration filename. On the client side SVI, we also have configured the ip helper-address command to point to the PXE server (which also acts as another DHCP server for redundancy).
The PXE boot continuously fails stating it is unable to find the configuration file. If we remove the DHCP pool from the 4506, and allow the client to receive their DHCP lease info from the secondary server (Windows 2k8 - same server as PXE server), they PXE boot with no issues.
We have no problem obtaining DHCP info, just completion of the PXE process.
View 6 Replies
View Related
Apr 12, 2012
Would like to impliment VLAN's on Cisco IOS Software, C3560 Software (C3560-IPSERVICES-M), Version 12.2(25)SEB4...But I need a DHCP Realy to my Windows Based DHCP Server. How do I enable DHCP Relay on the 3560?
View 8 Replies
View Related
Aug 9, 2012
I have couple of questions about Nexus 7010 configuration. how do we configure DHCP like the following example. [code]
View 1 Replies
View Related
Mar 28, 2013
I'm trying to get clients to pick up a DHCP address from my server. Physical config is as follows:
4-switch stack of 3750X-48P-S (x 2) and 3750X-24S-S (x 2). 48's are physical switch 1 & 2. Data stack is working fine. That's the Core Switch
Mix of 2960S-48TS-L and -24TS-L, 2960CG-8TC-L and 3560CG-8PC-S Access switches.
physical switch 1 in Core Switch, all ports are VLAN 4. No DHCP required - VLAN 4 is infrastructure only. All switches have:
Switch#(config)int vlan 4
Switch#(config-if)ip address 10.0.4.x 255.255.252.0 (Core switch is 10.0.4.10)
Switch#ip default-gateway 10.0.4.10
Physical switch 2 in Core Switch, all ports are VLAN 8 (client access, main corporate office site)
Physical switch 3&4 in Core Switch, all ports (SFP) are trunk
[Code] .....
So in that slightly spooky, obscure way that they have, the clients ought to be picking up a DHCP address from the relevant VLAN, depending on which VLAN the access port they're connected to is in. But they don't pick up anything. Connectivity is there - everything can ping everything, including clients if I set static IPs, and including DHCP server.
Should ip helper-addresses be set on the access switch VLAN interfaces too? Or have I missed something else obvious/critical? I need to have this out and on the ground and tested within 3 weeks - this is the first hurdle and I've fallen over. Like I said at the beginning, this config (or the equivalent) works fine on Packet Tracer for distributing IP addresses.
View 14 Replies
View Related
Mar 31, 2013
I have a Cisco SG 300 28 port switch that I have set in Layer 3 mode. I set up a second VLAN on it (vlan 4). I also set up the scope for DHCP on a Windows server for both VLAN's. The problem I am having, is that VLAN 4 is not pulling DHCP at all. The DHCP server is connected to port 1 on the switch, and the specifics are as follows:
VLAN 1: 192.168.5.251 subnet 255.255.255.0
VLAN 4: 192.168.55.251 subnet 255.255.255.0
DHCP Server 192.168.5.1
[Code]......
View 6 Replies
View Related
Jan 11, 2012
I currently have a the following configuration and am unable to get more than 2 DHCP addresses for the devices connected to the Cisco new SG 100-16 Switch.The AP have no trouble handing out DHCP to the wireless clients, but we are unable to get the SG 100-16 to be able to do the same thing to wired clients. It is currently connected to the 2960-8 in port 1. We can get 2 devices connected without a problem, but the 3rd machine and beyond do not work. Also, setting up a static IP does not work. Using a static will not even allow us to ping or tracer back to any devices beyond the SG 100-16.
View 7 Replies
View Related
Apr 16, 2013
We are configuring ACLs for a dhcp pool on Sw3750
ip access-list extended Test
permit ip any 192.168.1.0 0.0.0.31
permit ip any host 172.16.1.1
And, here is dhcp pool:
ip dhcp excluded 192.168.1.1 192.168.1.3
ip dhcp pool Name
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
But when a PC try to obtain IP automatically, it doesn't work.
View 3 Replies
View Related
Mar 2, 2013
I have a problem with high CPU load by DHCP Snooping process on Catalyst 6506 (WS-SUP720-3B, soft: s72033-ipservices_wan-mz.122-18.SXF11.bin). I have it enabled on 15 VLANS, in which there are subscriber devices residing, and sending DHCP requests through Cisco to DHCP server (Cisco acts as DHCP relay, and it's collecting the snooping database, I also use DAI).
Snooping database contains 6962 bindings now.
CPU load goes high only sometimes, and I don't have a clue, why it's going so high. It can load as high as 45-47% of CPU, like this:
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
116 81471244 322596368 252 42.95% 43.48% 36.06% 0 DHCP Snooping
When the load is high, the command: show ip dhcp snooping statistics is showing, that the overall quantity of
Packets Processed by DHCP Snooping is increasing rapidly. In normal situations, it's like 10-20 packets per second, but when the load is high, it's 1000-10000 pps.
But when I look at SPAN from my subscriber's VLANS, I don't really see any flood of DHCP requests, or something like that - everything looks as usual. Maybe, some of subscriber's devices are sending incorrect DHCP requests, that are causing packets to loop inside RP, or something like that? How can I detect that thing?
Also I thought, that if I enable the ip dhcp snooping trust mode on all of the Catalyst interfaces, the DHCP snooping will not process the subscribers DHCP packets, and I can, by exclusion of interfaces from one to one, detect, from which interface the problem is originating. But this seems to be incorrect, I turned the ip dhcsp snooping trust on all interfaces, and I still get spikes of CPU load by DHCP snooping process. Why it's still examining packets, even on trusted interfaces, is it ok?
And one more question - if I disable the ip dhcp snooping globally, will it clear all my existing bindings in snooping database?
View 3 Replies
View Related
Mar 5, 2012
Facing some DHCP issue. I got my laptop directly connected with Cisco 2960 switch. However it is not getting valid IP.
View 1 Replies
View Related
