[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] DHCP tbru FW1
If there is a router out on that subnet then you can use a helper. The Cisco way is to enter interface config mode for that interface and enter :- ip helper-address x.x.x.x (ip of dhcp server) This will turn the broadcast into a unicast and send it to server (rules permitting). It will then allow the dhcp server to return the address and all is lovely. The other option is configure a nt box as a 'DHCP Relay Agent' and it can forward requests to your DHCP server. These devices will both insure that an IP from the approriate scope will be returned. Hope that helps Russell Goodwin -----Original Message----- From: James Edwards [mailto:[email protected]] Sent: 24 October 2000 13:39 To: '[email protected]'; [email protected] Subject: RE: [FW1] DHCP tbru FW1 I'm sure someone who knows more about this stuff will disagree with me or have found some cool way to do this but we tried to do that very thing and were completely unsuccessful. The problem is not the DHCP server but rather the original device (call it A) and the nature of DHCP itself. When a device that uses DHCP boots up, it does not have an IP address and if it is told to use DHCP, it then broadcasts a DHCP request out on the network. A DHCP server listening on that network then picks it an IP address out of its tables and sends it back. The only information contained in the original packets from A that allows the DHCP server to answer it is the MAC address of the original device. The MAC address portion of the packet is changed everytime it traverses a device like a router or switch or firewall so the DHCP packet loses it originator as soon as it moves off the local network. Save yourself a lot of trouble and make a little NT box that does nothing but DHCP for that network. We worked on it for weeks and never got it to happen. Once again, someone out there probably has a cool way to do this but it is just simpler to put it on the same network. Hope this helps Jim Edwards -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Monday, October 23, 2000 4:54 PM To: [email protected] Subject: [FW1] DHCP tbru FW1 Just curious, has anyone used a product sold via UUNET called IPLINK and passed DHCP requests "thru" a FW1 to an internal DHCP server? I need to be able to pass DHCP requests from a leg on the firewall to my internal DHCP server and have it allocate addresses from the proper scope. Any problems to watch out for? I haven't really done anything with BROADCASTS, although I noticed the network object has a checkbox to allow them. Otherwise I might just have the router manage a pool instead. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|