Re: Cisco 892FSP Router refuses to provide DHCP to new VLAN.

151

Views

Helpful

Replies

I have my config attached.

Essentially I have a VLAN I have been using for awhile: 192.168.6.0

I am trying to add an additional VLAN in the form of: 192.168.20.0

I have mirrored the config as close as I can in order to get it all working, but it refuses to lease DHCP addresses to anything on the interface(s) on that VLAN. I spent a lot of time reading through forums and trying to research helper addresses and such that are mentioned in other posts to no avail. Hopefully someone can review my config and point out a simple mistake I am overlooking.

Finally I have a question about DHCP servers on the Router. Can I create multiple IP addresses that reference the Router as the DHCP server for the devices in my VLAN? When I give my PC a static IP in the network it was able to ping the router's IP in that VLAN (192.168.20.1) but I could not ping anything else, especially outside of that LAN.

Side note~~ The 192.168.10.0 network is configured specifically to connect to the router via SSH and disallow external network communication. This is working as designed.

Thanks to anyone who is able to assist.

4 KB

5 Replies 5

interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68
 ip helper-address 192.168.20.1 <- no need 
 ip nat inside
 ip virtual-reassembly in

Hi, and thanks for your response. Can you please elaborate on your statement:

ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68

Also, not sure if you saw my question at the bottom. I'm trying to make sure my understanding of the networking concepts as well as the capabilities of this device is sound.

permit udp any eq bootpc any eq bootps

For your Other Q can you more elaborate 
Thanks 
MHM

Can you describe in more detail what these 2 recommendations you provided do?

permit udp any eq bootpc any eq bootps

ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68

To rephrase and expand on my question:

Is this router capable of running DHCP server(s) in each specific VLAN? Does the Default Gateway IP (192.168.20.1 & 192.168.6.1) function as the gateway and the DHCP server simultaneously? Does the router act as a single DHCP server with multiple VLANs or does each VLAN request the router create a new DHCP server instance within itself?

I am actively engaged with some other things for now on the job. I will try to see if I can implement your recommendations and follow up with any updates.

Thank you for your time.

Ok, I'm unclear on how exactly to add the specs for your recommendations now that I'm logged into the device.

Where am I supposed to apply:

permit udp any eq bootpc any eq bootps

I am also unclear how to apply this recommendation.

ip access-group VLAN20_ACL in <- must inlcude permit dhcp to and from 67/68

Here is what I see when I edit that VLAN's Access group by that name:

(config-if)#ip access-group VLAN20_ACL ?
in inbound packets
out outbound packets

(config-if)#ip access-group VLAN20_ACL in ?
<cr>

Still cannot pull DHCP on Gi1.

Any advice is appreciated.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide