Firewall Wizards mailing list archives
RE: Cisco PIX DHCP relay via IPSEC
From: "Scot Kreienkamp" <Scot () pc-sos net>
Date: Wed, 22 Oct 2003 13:24:40 -0400
Sorry for the duplicate, hit send accidentally. I'm reading the list on the archives, so somebody may have already pointed this out. From http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configura tion_guide_chapter09186a0080172790.html#1076424 PIX Firewall Version 6.3 provides support for DHCP relay. The DHCP relay agent provided helps dynamically assign IP addresses to hosts on the inside interfaces of the PIX Firewall. When the DHCP relay agent receives a request from a host on an inside interface, it forwards the request to one of the specified DHCP servers on an outside interface. If that's the case then could I forward the DHCP requests across the IPSEC tunnel? Scot Kreienkamp Scot () PC-SOS net Phone: 419-872-2500 Fax: 419-831-8500 -----Original Message----- From: Wes Noonan [mailto:mailinglists () wjnconsulting com] Sent: Wednesday, October 22, 2003 12:15 PM To: Scot W. Kreienkamp; firewall-wizards () honor icsalabs com Subject: RE: [fw-wiz] Cisco PIX DHCP relay via IPSEC I don't believe that the PIX can pass DHCP/bootp, but don't hold me to that (never tried it). The remote PIX could be configured to be a DHCP server that you can manage however, and TFTP would easily pass through the VPN tunnel so that might be another option to address your needs. HTH and good luck. Wes
-----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards- admin () honor icsalabs com] On Behalf Of Scot Kreienkamp Sent: Wednesday, October 22, 2003 09:59 To: firewall-wizards () honor icsalabs com Subject: [fw-wiz] Cisco PIX DHCP relay via IPSEC Hi all, I'm looking at using two PIX's to do site to site IPSEC via the internet. Because I don't control all the devices at the remote end one of my requirements is that I be able to do DHCP/Bootp and TFTP from the remote end to the head end via the IPSEC VPN. Does anyone know if the PIX will be able to do this? If anyone has a better product in mind that can accomplish this please let me know, I'm not stuck on the PIX but I do need a workable solution within the next few days. Please don't say linux, I've already been turned down there. :) Thanks! Scot Kreienkamp Scot () PC-SOS net _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Scot Kreienkamp Scot () PC-SOS net Phone: 419-872-2500 Fax: 419-831-8500 _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco PIX DHCP relay via IPSEC Scot Kreienkamp (Oct 22)
- RE: Cisco PIX DHCP relay via IPSEC Wes Noonan (Oct 23)
- <Possible follow-ups>
- RE: Cisco PIX DHCP relay via IPSEC Scot Kreienkamp (Oct 23)
- RE: Cisco PIX DHCP relay via IPSEC Scot Kreienkamp (Oct 23)
- RE: Cisco PIX DHCP relay via IPSEC Melson, Paul (Oct 24)
- RE: Cisco PIX DHCP relay via IPSEC Lagula, Cecil (Oct 24)
- RE: Cisco PIX DHCP relay via IPSEC Perrymon, Josh L. (Oct 30)
- RE: Cisco PIX DHCP relay via IPSEC Scot Kreienkamp (Oct 30)