This doesn't make sense. The ASA sends DHCP DISCOVER with source address of 20.10.30.2 but the DHCP server (IOS router) replies back to the relay IP address.
With regards Kings On Wed, Sep 21, 2011 at 1:07 PM, Kingsley Charles < [email protected]> wrote: > Hi all > > R1 is the dhcp server which and has been configured for the dhcp pool > 10.20.30.0/24. The ASA sends DHCP DISCOVER when the VPN client is trying > to connect and from the dhcp debug messages on R1, I see that the IOS is > leasing an IP address from 10.20.30.0/24. But R1 is sending the DHCP > OFFER replies to "10.20.30.0". Thus the ASA nevers gets an IP address for > the client. > > Now is this correct? > > The DHCP server R1 should send replies to 20.10.30.2 not to the relay IP > address, isn't it? > > > 20.10.30.1 20.10.30.2 > R1 (dhcp server) ------------------------ ASA (EzVPN server) > --------------- VPN Client > > > hostname(config)#* vpn-addr-assign dhcp* > > hostname(config)# *tunnel-group firstgroup type ipsec-ra* > > hostname(config)# *tunnel-group firstgroup general-attributes* > > hostname(config-general)# *dhcp-server 20.10.30.40* > > hostname(config-general)# *exit* > > hostname(config)# *group-policy remotegroup internal* > > hostname(config)# *group-policy remotegroup attributes* > > hostname(config-group-policy)# *dhcp-network-scope 10.20.30.0* > > > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
