Configuring dhcp relay services – Cisco ASA 5505 User Manual

Page 353

Advertising
background image

11-7

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 11 Configuring DHCP

Configuring DHCP Relay Services

Configuring DHCP Relay Services

A DHCP relay agent allows the ASA to forward DHCP requests from clients to a router connected to a
different interface.

The following restrictions apply to the use of the DHCP relay agent:

The relay agent cannot be enabled if the DHCP server feature is also enabled.

DHCP clients must be directly connected to the ASA and cannot send requests through another relay
agent or a router.

For multiple context mode, you cannot enable DHCP relay on an interface that is used by more than
one context.

DHCP Relay services are not available in transparent firewall mode. An ASA in transparent firewall
mode only allows ARP traffic through; all other traffic requires an access list. To allow DHCP
requests and replies through the ASA in transparent mode, you need to configure two access lists,
one that allows DCHP requests from the inside interface to the outside, and one that allows the
replies from the server in the other direction.

When DHCP relay is enabled and more than one DHCP relay server is defined, the ASA forwards
client requests to each defined DHCP relay server. Replies from the servers are also forwarded to
the client until the client DHCP relay binding is removed. The binding is removed when the ASA
receives any of the following DHCP messages: ACK, NACK, or decline.

Note

You cannot enable DHCP Relay on an interface running DHCP Proxy. You must Remove VPN DHCP
configuration first or you will see an error message. This error happens if both DHCP relay and DHCP
proxy are enabled. Ensure that either DHCP relay or DHCP proxy are enabled, but not both.

To enable DHCP relay, perform the following steps:

Command

Purpose

dhcpd option 3

ip router_ip1

Example:

hostname(config)# dhcpd option 3 ip

10.10.1.1

Sets the default route.

Command

Purpose

Step 1

dhcprelay server

ip_address if_name

Example:

hostname(config)# dhcprelay server

201.168.200.4 outside

Set the IP address of a DHCP server on a different interface from
the DHCP client.

You can use this command up to ten times to identify up to ten
servers.

Step 2

dhcprelay enable

interface

Example:

hostname(config)# dhcprelay enable inside

Enables DHCP relay on the interface connected to the clients.

Advertising