Skip navigation.
Home

Passing DHCP through Site to Site VPN

I have a site to site vpn setup between a PIX 501 and a Juniper SSG520. The VPN is passing traffic fine; however, I am unable to receive DHCP. The DHCP servers are on the same LAN as the Juniper. I am also unable to ping the DHCP/DNS servers from the PIX or anything behind it.
Any help would be greatly appreciated.

Re:Passing DHCP through Site to Site VPN

You can try setting up the dhcp relay agent. I dont know how this works via VPN, but this is what cisco recommends to forward dhcp traffic.

Here are some of the commands that are used:
From the Juniper Front, you can use knowledge base:

http://kb.juniper.net/KB7287

For Cisco Front, you can use this:

dhcprelay server 10.2.1.2 outside

!--- Enter this command in order to set the
!--- IP address of a DHCP server on a different
!--- interface from the DHCP client.

dhcprelay enable inside

!--- Enter this command in order to
!--- enable DHCP relay on the interface connected to the clients.

dhcprelay setroute inside

!--- Enter this command to cause the default IP address of the DHCP reply
!--- to be substituted with the address of the security appliance inside interface.

Cisco's weblink:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008075fcfb.shtml#asdmserver

Search



 

Web

www.secmanager.com