DHCP Relay And Switch Port Settings?
May 7, 2011
I am actually more of a 3Com guy than Cisco but I like to think I know my stuff and having just discovered this site I hope to join in as it looks a good place.I have a question about the general theroy underneath DHCP relay (IP Helper in the Cisco world I believe!)I've always put the DHCP server in VLAN1 only. A few weeks ago, I repatched the DHCP server in one of our offices (small site, single switch) into a different port by mistake. A few days ago I noticed (when doing something entirely unrelated) that I had left it in a port on both VLANs meant for PC's/phones. So, untagged on VLAN1, tagged on the voice VLAN. It had continued to work properly all that time however.By contrast, at a larger site, a new DHCP server came online and was put on a switch elsewhere in the building and was also put into a port on both VLANs - however things didn't work at all - of course we noticed immediately and changed the port setting to VLAN1 only, and it came back.In the second example, the server was on a different switch to where the main L3 switch for the Voice VLAN was (which also does the DHCP relay), and was connected over a fibre trunk link.Is there any reason why it should work on a single switch on a port on both VLANs, but not when connected over a trunk link? The server does not understand tagging. In the case where it worked, the phones were getting an IP from the correct scope; so the relay obviously must have been working with the server issuing an address based on the GIADDR field.
View 2 Replies
ADVERTISEMENT
Jun 25, 2012
DHCP Relay on a SGE2000 switch.I have configured two VLANs on the switch, VLAN2 (192.168.10.x/24) and VLAN3 (192.168.9.x/24). I have the switch in Layer 3 mode. I have configured the DHCP relay server of 192.168.10.4 and the DHCP Interfaces as VLAN3. All of the IP Static Routes were generated by the switch.
If I put a client computer on a port that is Untagged VLAN 3 and try to get a DHCP address from the server on an Untagged VLAN 2 port I never get a response back.I have done some packet captures and here is what I have found:
I see the DHCP broadcast on the client computerI see the DHCP Request on the DHCP server coming from the IP assiged to the switch on VLAN 3 (192.168.9.254)I see the DHCP server respond with a DHCP OfferThe DHCP offer never gets to the client computer I can't seem to get a DHCP address to any system not on the same VLAN as the DHCP server. Option 82 is disable and I did try enabling it, which made no difference.
View 2 Replies
View Related
Dec 5, 2012
I am having some issues with getting DHCP Relay to fuction properly over our SG300-20 Switch.Out current layout is as follows. Hanging off the SG300-20 are a pair of Clustered Checkpoint Gateways with VLAN'ed interfaces in Both of our 2 VLANs, a 3COM 4200G In VLAN1 which has the DHCP server (And all the other Servers) connected to it, and a Pair of HP Procurve 2520's Stacked in VLAN 2 to provide PoE for our Phones/connectivity for our PCs.The problem is I cannot get the DHCP Relay to fuction from VLAN 1 to VLAN 2. If I assign an address in VLAN 2 manually to a device connected to the Procurves, everything works fine. I am able to reach both VLAN 1 and VLAN 2, but DHCP aquisition fails even if the device is connected directly to a port assigned to VLAN 2 on the SG300. The SG300 is running at Layer 3 currently also.
Here is a copy of the running config:
--------------------------------------------------------------------------------------------------------------
switch4db24f#show running-config
vlan database
vlan 2
exit
interface range gi8,gi16
switchport default-vlan tagged
[code]....
View 6 Replies
View Related
Nov 11, 2012
I have some DHCP trouble since I subnetted my network with a 2921. My clinets are in 172.16.2.0/23 and DHCP servers are in 172.16.5.0/24.Sometimes, randomly I guess, I get NACK from my DHCP server, and if I look into DHCP logs I got something like this:
15,11/09/12,09:52:27,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:28,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
15,11/09/12,09:52:29,NACK,172.16.3.172,switchE51D12.host.com,A0CF5BE51D12,,0,6,,,,,,,,
[code]....
View 6 Replies
View Related
Apr 3, 2012
Have a client wanting to hand out public ip addresses to all clients from a PFSense Firewall terminating the internet connection.
How do I allow the Cisco Switches currently in place, configured with private ip addresses in the 10.10.x.x ranges and Vlans, where the main 3550 layer 3 has defined dhcp scopes for each vlan, to relay dhcp requests from all vlans to the PFSense firewall?
I assume I would take off the currently defined dhcp scopes for the vlans and configure each vlan/switch with the ip helper address and specify the PFSense firewall and that Nat would have to be disabled onthe firewall?
View 1 Replies
View Related
Feb 6, 2013
I'm having a problem getting DHCP working with an ASR9k as shown in this document. I've successfully implemented very similar setups with some Cisco IOS routers, but the IOS XR on the ASR seems to be defeating me. Router A (happens to be a 3750)A DHCP/BOOTP/TFTP server, connected to router ARouter B - this is the ASR, running software version 4.0.3.Router A and B are connected by a layer-3 link.Router C (happens to be a Broadcom embedded router). It's connected to Router B by a VLAN trunk link.Device 1, this one needs to get its configuration by DHCP/BOOTP/TFTP. It's connected to Router C by a VLAN trunk link.Device 2, this one doesn't need any DHCP/BOOTP/TFTP. It's connected to Router C by a VLAN trunk link (its port is the same as Device 1's) Device 2 works great - it can ping the DHCP/BOOTP/TFTP server (and vice versa) and everything else it needs.
View 0 Replies
View Related
Oct 15, 2012
I have a firewall that I want acting as a DHCP relay. This firewall has a number of VLAN interfaces serving clients. The DHCP relay destination is the IP address of a Windows 2012 Server running Microsoft DHCP which has multiple scopes configured, one for each client VLAN.What I'm finding confusing is how the DHCP will identify the client. Does the DHCP relay insert an identifier of some sort (opt. 54?) based on which VLAN the DHCPREQUEST comes from and then this identifier can be configured to be recognized on the DHCP server?
View 2 Replies
View Related
Jun 17, 2012
how to configure dhcp relay agent and how it's work
View 1 Replies
View Related
Mar 17, 2011
I have a data center with virtual desktops and other shared infrastructure serving remote sites, some of which are connected to the data center with GRE over IPsec.
IP address management including DHCP is centralized in my architecture, but I simply cannot figure out how to relay DHCP requests through GRE over IPsec to my DHCP server cluster. I am working with Cisco 800 series VPN peers, and the VPNs are terminated either on a 1841 or a Juniper SRX. Everything else is just fine and dandy, but DHCP is not forwarded across the GRE tunnel.
As a workaround I am forced to use local DHCP pools on the VPN peers, which is extra work from a management point of view, and also precludes static IP address assignment where a local DHCP pool is in a VRF. My LAN devices are mostly thin clients, so I don't care if DHCP stops working when the WAN link fails. As such local pools have no upsides, they are only a tremendous hassle.
My config is very basic, public WAN in global routing table and WAN + GRE tunnel in a VRF. NAT is not used. Here are the DHCP-related configs I have tried:ip helper-address on the LAN gateway, both with and without ip forward-protocol udp bootpcip dhcp pool with relay options configured
In every case, I can see the UDP broadcasts hit the LAN gateway, but relayed packets never arrive at the other GRE tunnel endpoint let alone the DHCP server.
View 4 Replies
View Related
Oct 15, 2009
I have defined several V LAN's and the corresponding IP Addresses on the SGE2000. The static routing works fine. On one V LAN there is a Windows 2003 DHCP Server which I have defined as DHCP Relay Server (Option 82), but no packets are relayed. Has anyone a functional setup, with dhcp relay?
View 8 Replies
View Related
May 5, 2013
I have sample lab dhcp-client ------- (vlan62) sg-300 switch (vlan62) ------ dhcp server
When I set on switch :
dhcp relay : enable
option 82 : enable
dhcp server address: ip of dhcp
When debug packets from client to server, there is no 82 option in dhcp discover packets. I mirror all traffic to mirror port with wireshark. I can see dhcp packets but without option 82.
Firmware version: 1.0.0.27
View 2 Replies
View Related
Sep 12, 2012
I know how to disable the DHCP on the SRP527W but i was wondering how do i configure DHCP relay to point to a network DHCP server.
View 1 Replies
View Related
Nov 30, 2011
I am trying to get an understanding of some behaviour I am seeing on my N7Ks regarding DHCP relay.I have two identically configured Vlans interfaces both configured with the same two dhcp relay servers in the same order. The only difference between the two vlans is that one is HSRP active on the A side switch and the other is active on B side switch. All clients in Vlan136 (active on B side) are getting DHCP leases from the first of the two dhcp relay servers configured while all clients on Vlan 137 (active on A side) are getting DHCP leases from the second of the two dhcp relay servers. I would expect that all clients on both vlans would get leases from the first relay server configured unless that device was unavailable.
View 3 Replies
View Related
Apr 12, 2012
Would like to impliment VLAN's on Cisco IOS Software, C3560 Software (C3560-IPSERVICES-M), Version 12.2(25)SEB4...But I need a DHCP Realy to my Windows Based DHCP Server. How do I enable DHCP Relay on the 3560?
View 8 Replies
View Related
Feb 12, 2013
Does SRW248G4P supports dhcp relay?I don't see any option for it with firmware version 1.0.2.
View 1 Replies
View Related
Feb 24, 2011
Here's what I'm trying to figure out:
My network is set up such that I have a Wireless Network in VLAN 1, which is the primary network that we use. The subnet is 10.5.1.x.
My goal is to set up a completely isolated Guest Wireless Network, however it would work best. What I am trying to do now is I created a seperate VLAN (VLAN 2, IP range 10.5.2.x) and turned on DHCP on the WRVS4400N. However, in the Guest Network, it is always picking up a 10.5.1.x IP which is handed out by the DHCP server (10.5.1.5, Win 2003) and still routing all of the traffic to/from our private network.
Here's What I have set:
Wireless>Security Settings>Guest Network (SSID 2)
Wireless Isolation (between SSID w/o VLAN): EnabledWireless Isolation (within SSID): EnabledSetup>LAN>VLAN 1
Router IP 10.5.1.1, WLAN IP 10.5.1.3DHCP Relay for 10.5.1.5Setup>LAN>VLAN 2
Router IP 10.5.2.1DHCP Enabled for 10.5.2.x subnetDHCP Relay option is grayed out (not sure why)Setup>Advanced Routing
Inter-VLAN Routing: Disabled
Any way to solve this would be fine. I just do not want traffic routing through our internal network. Ideally, if I could get the Windows server to hand out 10.5.2.x addresses, that would be perfect, but I'm not sure how to configure it for such.
View 17 Replies
View Related
Dec 13, 2012
We have a SBS 2003 server with two NIC's, one for the internal LAN and the other connecting to the WAG160Nv2 that is hooked up to the internet.The internal LAN clients are all getting IP addresses from the DHCP server in the SBS Server (192.168.16.XXX). The DHCP server is sat at 192.168.16.2.The only thing connected to the LAN ports on the WAG160Nv2 is the Internet facing NIC from the server.What I want to do is to get the WAG160Nv2 to give IP addresses to Wireless connections going through the router, can I configure the DHCP relay option on the WAG160Nv2 to do this, I have looked at the DHCP relay option but it doesn't seem to work, my wireless connections are getting private 169.254.xxx.xxx addresses.Also is there anything I can do to make the wireless more Apple friendly, iPhones and iPads drop of the wireless frequently, that's why I trying a different approach.
View 1 Replies
View Related
Jun 30, 2012
I have a 2921 with 4 segments: [code] My DHCP server is 172.16.5.2 and I need to serve clients from 172.16.2.0/23 by MAC address and only to that segment.
View 2 Replies
View Related
Mar 11, 2011
Here is the high-level question, please only respond if you have a conclusive answer with documentation to back it up. It seems simple, but all my research on forums and things have been confusing and conflicting.
When "ip helper-address" is used to enable the dhcp-relay function, will the DHCP packets get relayed through the VPN tunnel (if thats where the DHCP server is?) This question applies to Cisco IOS Routers and VPN appliances which have a Site-to-Site IPSEC VPN Tunnel to a place that hosts a DHCP server.
I'm using the Cisco 880 and 1800 series routers. I've already got DHCP relaying through IPSEC tunnels, but so far I've only set it up where my 2960 switch relays the DHCP messages to the VPN router on site (which is a separate device). I want to know if the router can pickup and relay through it's own tunnel natively.
View 2 Replies
View Related
Aug 23, 2011
How to configure SF300 48port switch as DHCP Server or not.
My Configuration as below
I have 8 vlan configure in SF300 (SVI with ip address)isit possible to configure dhcp server and how i can apply access-list to restrict with other vlans.
View 1 Replies
View Related
Feb 1, 2012
I would like to know cisco 3560X-24P-S will support LLDP & DHCP relay .If it support which IOS feature is required to enbale these features.
View 1 Replies
View Related
Mar 18, 2003
I have a Cisco 7200 acting as the DHCP relay agent on my network. From a security standpoint, I want to disable the bootp server, with 'no ip bootp server'. What bearing, if any, does 'no ip bootp server' have on DHCP activity?
View 8 Replies
View Related
May 9, 2013
Windows Server 2008 R2 has two DHCP scopes 192.168.1.x (for data) and 192.168.2.x (for VOIP). The Catalyst 2960-S has Vlan1 for the Data V LAN and V lan 2 for the VOIP network. How do I setup DHCP relay for Vlan2 to get their IPs from the scope on the Windows server?
Used to doing ip helper-address x.x.x.x in other Catalyst switches, but not available here.
View 2 Replies
View Related
Jun 24, 2012
I need to configure a Cisco 2960 switch as a DHCP server. The current IP address will be on a different seed than the DHCP addresses. i.e.
Switch IP = 10.1.2.3, GW = 10.1.2.1, Subnet = 255.255.255.0
DHCP addresses would be 192.168.1.1 - 200, GW=???? (10.1.2.3?) and subnet would be 255.255.255.0
View 1 Replies
View Related
May 29, 2012
I have upgraded a C3750G-12S-E to c3750-ipserviceslmk9-tar.122-55.SE5This switch is a distribution layer switch for one of my remote sites. it contains an ip helper-address on the site vlan's SVI.DHCP relay is no longer functioning for client PCs. Static address assignment allows full network functionality. I enabled debug ip dhcp server packet. [code] Actually I am betting you upgraded your IOS from something before 12.2(50)SE to 12.2(50)SE or later. We added enhancement CSCso19800 which will validate DHCP options when we are a relay agent.
View 1 Replies
View Related
May 2, 2013
I have a Nexus 7000 Core Switch , and i need to allow the domain controller ip 10.x.x.x for DHCP relay on switch.
View 2 Replies
View Related
Feb 14, 2012
I am trying to configure two 3845 routers to act as dhcp server and dhcp relay. Clients are connected to the router that relays all dhcp requests to the vrf instance which is used to connect it to the router wich is running dhcp server.
Router1
ip vrf dhcp_dns
rd 8:1
int gi0/0
ip vrf forwarding dhcp_dns
ip address 192.168.200.5 255.255.255.248
[code]...
So far I can see dhcp requests coming from the R1 and dhcp server on R2 replies with the dhcp offer but PC is not getting any ip.
View 8 Replies
View Related
Jul 30, 2012
How to configure cisco 3560 to force the client only can get ip by dhcp-relay server ?
The company i am working in has 5 vlans which have been set an lay-3 switch(3560), uses the dhcp-relay server .(in svi configuration: ip helper-address X.X.X.X) well , that works ok~
Now , I got my problem: I need to force the client only can get ip by dhcp-relay server, that means if anyone set static IP manunally , he can't really access to anywhere (to provent anyone set static IP with malignancy )
I know if a h3c router , how to set this configuration n svi configuration : dhcp relay security address-check enable )
the how to configure on a cisco 3560 ?
View 1 Replies
View Related
Mar 29, 2012
I faced with issue on ME3800. [code] With that configuration there is no problem with DHCP Relay packets.But if I add on interface #xconnect 82.199.1 19.1 77 encapsulation mpls it will stop forward DHCP relay packets immediately. All other traffic transfers without problem.
View 2 Replies
View Related
Dec 23, 2011
I have two Cisco RV220W routers and I would like to realy DHCP from the home office to the remote office accross the IPsec Tunnel. Is this possible and if so how?
I have already gone into the IPv4 LAN (Local Network) settings on the remote router and set the DHCP mode to "DHCP Relay" providing the internal ip address of the home office router as the remote DHCP server.
View 1 Replies
View Related
Sep 10, 2012
I am trying to configure DHCP relay through VPN, I read different articles, but I cannot figure it out: The setup is as follows:
Site1:
DHCP server: 192.168.200.21Cisco 877 ADSL router Internal IP: 192.168.200.12External IP: 194.99.99.194
Site2:
Cisco 5505 ASA (behind a ADSL router 192.168.1.1, vpn ports 500 and 4500 forwarded to ASA)Internal IP: 192.168.2.1External IP: 192.168.1.2
There is a working ip sec site to site vpn between site1 and 2. I want the clients on site2 to get an ip address from the dhcp server in site1.
On the Cisco ASA:dhcprelay server 192.168.200.21 outside dhcprelay enable inside set route should be on or off ?
Cryptomaps:permit 192.168.2.0 192.168.200.0 (original crypto)permit 192.168.1.2 192.168.200.21 (added)permit 192.168.2.1 192.168.200.21 (added)
Site1:
On the Cisco 877: Cryptomaps:permit 192.168.200.0 192.168.2.0 (original crypto)permit 192.168.200.21 192.168.1.2 (added)permit 192.168.200.21 192.168.2.1 (added). What NAT entries do I need to use on the ASA and 877 ?
View 5 Replies
View Related
Dec 13, 2012
J've just bought an Asus RT-N66U router and I'm setting up a broadband credit card machine to go into it (rather than transmitting data over the phone line).I need to know what the status of DHCP and MAC are on the router but I'm not sure how to find it.DHCP needs to be on and MAC needs to be off.
View 3 Replies
View Related
Oct 24, 2012
I recently reset my Quidway WA1003A modem from Huawei and ever since, the radio button for the server settings under DHCP configuration is at OFF whenever I start up my computer. So if I try accessing the internet via wi-fi on my phone, I'll have to manually change the radio button by opening up 192.168.1.1 through the browser on my computer each time. I never faced this issue prior to the reset. It used to somehow always be saved as ON.
View 2 Replies
View Related