[c-nsp] PixOS 7.0: (chained) dhcp relaying not working

[Matti Saarinen]

"Tomas Daniska" <tomas at soitron.com> writes:

>> Dhcp packets come from Net A. They are relayed through PIX-A in which
>> they are encapsulated in IPSec VPN. They are relayed to the outside
>> interface of PIX-B and from there to the dhcp servers. This works,
>> when PIX-B runs 6.3(3) but not when it runs 7.0.
>
> there were some dhcp relay issues in the first 7.0 releases. Make sure
> you have the lastest 7.0 build - 

 Thank you very much. I didn't pay attention to the Interim builds
 link on CCO at all.

 I dowloaded 7.0(1)5 and it is now installed on 515E. Now, the
 necessary IPSec SAs are created for dhcp relaying and dhcp relaying
 itself works. And last but not least, we got the feature we were
 looking for with upgrading 515E to 7.0: the box forwards packets
 between interfaces that have same security level.

 Cheers,

-- 
- Matti -