Got it clarified. As per rfc 3527, the DHCP server will reply to the relay IP address only.
With regards Kings On Wed, Sep 21, 2011 at 4:23 PM, Kingsley Charles < [email protected]> wrote: > This doesn't make sense. > > The ASA sends DHCP DISCOVER with source address of 20.10.30.2 but the DHCP > server (IOS router) replies back to the relay IP address. > > > With regards > Kings > > > On Wed, Sep 21, 2011 at 1:07 PM, Kingsley Charles < > [email protected]> wrote: > >> Hi all >> >> R1 is the dhcp server which and has been configured for the dhcp pool >> 10.20.30.0/24. The ASA sends DHCP DISCOVER when the VPN client is trying >> to connect and from the dhcp debug messages on R1, I see that the IOS is >> leasing an IP address from 10.20.30.0/24. But R1 is sending the DHCP >> OFFER replies to "10.20.30.0". Thus the ASA nevers gets an IP address for >> the client. >> >> Now is this correct? >> >> The DHCP server R1 should send replies to 20.10.30.2 not to the relay IP >> address, isn't it? >> >> >> 20.10.30.1 20.10.30.2 >> R1 (dhcp server) ------------------------ ASA (EzVPN server) >> --------------- VPN Client >> >> >> hostname(config)#* vpn-addr-assign dhcp* >> >> hostname(config)# *tunnel-group firstgroup type ipsec-ra* >> >> hostname(config)# *tunnel-group firstgroup general-attributes* >> >> hostname(config-general)# *dhcp-server 20.10.30.40* >> >> hostname(config-general)# *exit* >> >> hostname(config)# *group-policy remotegroup internal* >> >> hostname(config)# *group-policy remotegroup attributes* >> >> hostname(config-group-policy)# *dhcp-network-scope 10.20.30.0* >> >> >> >> >> With regards >> Kings >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
