[c-nsp] Relaying DHCP through small remote VPN (ASA 5505)...

Jeff Kell jeff-kell at utc.edu
Thu Sep 2 10:21:08 EDT 2010


 Have a remote setup w/ASA 5505... essentially setting up a site-to-site tunnel and
routing a local inside subnet back to the main campus.  (Default inside route part of
crypto-map match so all traffic is tunneled).

Everything is working, but I'm less than excited about the 5505s DHCP abilities, would
rather have the remote addressing managed by our central server.

If I enable "DHCP relay" on the inside interface, it insists that the DHCP server target
is "not" on the inside interface.  If I direct it to the outside interface, it doesn't
go over the tunnel and gets dropped.  If I try to specify the relay target on the inside
interface, it gives an error that it can't reside on an interface where relay is enabled.

I suspect I need an outside route that also tunnels? 

Anyone have a quick fix or pointer?

Jeff


More information about the cisco-nsp mailing list