Dhcp sg300 vlan

Okay. I have two scopes for two vlans configured on the sg300. When I put my laptop in vlan 1 I get an ip from 192.168.0.0/24. I then release the ip, I put the port my laptop is in into vlan 20 and try to renew to get an ip from 172.20.20.0/24 subnet associated with vlan 20 but I get an ip from 192.168.0.0/24 which is associated with vlan 1. The only way to get this to work is I have to go into the sg300 and delete the dhcp binding and then renew and I then get an IP address from 172.20.20.0. I would have thought that if I put the laptop in vlan 20 and released and renewed the sg300 would give me an IP address from 172.20.20.0 not 192.168.0.0 which is associated with vlan 1. What am I missing? Why is the sg300 responding with an ip from different vlan?
Sent from Cisco Technical Support iPad App

I've also experienced this and there was a similar post unanswered this month I believe.  It may not be considered a bug or a problem since hosts aren't expected to change vlans like they do when we use are PCs for testing.  Personally I would think that each vlan would have it's own isolated binding table as well as every other table, array or structures.  Maybe some one can explain a solution or the reason why this is normal.

Similar Messages

  • SG300-20 - Configure DHCP on VLAN interface

    I have been reading the various related discussions on the SG300 and SG500 switches regarding setting up VLAN's and DHCP on those VLAN's.  For whatever reason I have been unable to even get this simple task to work.
    First thing I did was to update my firmware and boot version as follows:
    SW version    1.3.7.18 ( date  12-Jan-2014 time  18:02:59 )
    Boot version    1.3.5.06 ( date  21-Jul-2013 time  15:12:10 )
    HW version    V02
    When I reloaded the SG300 after the SW/Boot updates the startup config was wiped out and I had to setup my switch from scratch.  The intent is to have two VLAN's:
    VLAN 1: all devices, servers, etc.
    VLAN 2: basic subnet that hands out DHCP addresses
    The SG300-20 is connected to an Asus RT-AC66U router on the 192.168.1.x subnet and provides internal network access and WiFi access (router IP address is 192.168.1.1 and is default gateway).  All that works with no issues.  So my task is simply to create VLAN 2 on 192.168.2.x subnet and use DHCP to allocate addresses.  I have spent many hours on this and I still can't get it to work.  When I connect a laptop to the port (GI8) assigned to VLAN 2, I end up getting some wonky 169.254.x.x address.  I certainly thought something this "easy" wouldn't be that hard to setup, but apparently I was wrong.
    The SG300 is running in L3 mode as shown in my running-config below.
    Does anyone happen to see something that might be preventing my laptop client from recieving IP addresses from the VLAN 2 DHCP interface that are not in the 192.168.2.x subnet?
    Any ideas / suggestions would be greatly appreciated!
    Here's my running-config:
    config-file-header
    MYSTICSW1
    v1.3.7.18 / R750_NIK_1_35_647_358
    CLI v1.0
    set system mode router
    file SSD indicator encrypted
    ssd-control-start
    ssd config
    ssd file passphrase control unrestricted
    no ssd file integrity control
    ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
    vlan database
    vlan 2
    exit
    voice vlan oui-table add 0001e3 Siemens_AG_phone________
    voice vlan oui-table add 00036b Cisco_phone_____________
    voice vlan oui-table add 00096e Avaya___________________
    voice vlan oui-table add 000fe2 H3C_Aolynk______________
    voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
    voice vlan oui-table add 00d01e Pingtel_phone___________
    voice vlan oui-table add 00e075 Polycom/Veritel_phone___
    voice vlan oui-table add 00e0bb 3Com_phone______________
    bonjour interface range vlan 1
    hostname MYSTICSW1
    logging host 192.168.1.15
    logging origin-id hostname
    username cisco password encrypted b4a0fcf20b2cd9d80a55b06ab8f83277f9733904 privilege 15
    snmp-server location Office
    clock timezone " " -5
    clock summer-time web recurring usa
    clock source sntp
    sntp unicast client enable
    sntp unicast client poll
    sntp server 192.168.1.10 poll
    interface vlan 1
    ip address 192.168.1.254 255.255.255.0
    no ip address dhcp
    interface vlan 2
    name MysticWAN
    ip address 192.168.2.254 255.255.255.0
    interface gigabitethernet8
    switchport mode access
    switchport access vlan 2
    exit
    ip default-gateway 192.168.1.1
    Thanks in advance!
    Clint Lambert

    Tom,
    Thanks ... I followed the steps you outlined and it worked!  The only difference being that I have an Asus RT-AC66U router and the there is no "enable multiple subnet" option.  So, I just followed your instructions on creating the static routes in the RT-AC66U and everything worked.  The DHCP addresses were correct and I had internet connectivity when I plugged a laptop into the gi8 port.
    I did make one tweak to the Network Pools screen as follows:
    My DHCP configuration for gi8 on VLAN 2 now looks like:
    ip dhcp server
    ip dhcp pool network InternalWAN
    address low 192.168.2.1 high 192.168.2.99 255.255.255.0
    lease infinite
    domain-name MYSTIC
    default-router 192.168.2.254
    dns-server 8.8.8.8
    Previously I had followed your advice in the article "Need help configuring SG300-10 switch" and had setup everything using CLI.  However, I didn't think about needing the static routes.  So, I think it was probably setup correctly beforehand but had no chance to work because the routes were not setup.
    Thanks very much for your help!
    Clint

  • SGE2010P - DHCP Snooping - VLANs - Web GUI

    Model: SGE2010P
    FW: 3.0.0.18
    In the web GUI:
    Under DHCP Snooping ---> VLAN Settings
    It does not allow you to enter a VLAN higher than 4092
    I configured it to listen on VLAN 4094 via the CLI just fine.
    I believe this should be fixed in the web GUI.

    Yeah, I don't think I want to do that because of all the little troubleshooting steps they usually make me go through.
    I buy high-end equipment so I can skip the simple stuff...they usually don't understand that.
    I know it's a bug because I've already done the troubleshooting, I don't feel I should have to do the same stuff again.
    I only make a call when absolutely necessary because I find the phone support for this product line very un-supportative.
    At this level, I think I should get to skip the simple stuff.
    If you can't submit a bug report thats fine, I'll just leave it at this.
    It's no big deal, I just thought I'd let some one else know.

  • SG300 Vlan IP-Helper Address issues

    hi,
    I am trying to set a ip-helper address on my sg300 though getting the following.
    DNSWITCH01#configure
    DNSWITCH01(config)#interface vlan2
    DNSWITCH01(config-if)#ip helper-address 192.168.1.1
    % missing mandatory parameter
    DNSWITCH01(config-if)#DNSWITCH01#
    DHCP server is server 2008 R2 and the range is active for that vlan and can route to vlan and devices set statically fine

    Hi Konrad, DHCP cannot be used for IP helper since the switch has a DHCP-RELAY service.
    -Tom
    Please mark answered for helpful posts

  • SG300 VLAN ISE

    Hello,
    customer is using lots of 2960-Switches and plans to implement ISE for dynamic VLAN-Assignment. Should be no problem.
    For lots of small offices he wants to purchase SG300 Switches. I recommended Cisco Compact Switches, but they are too expensive.
    So the question is: Is it possible to configure the SG300 Switches to communicate with ISE to do allow dynamic VLAN-Assignemt?
    Any response will be helpful.
    regards
    Hubert

    Hubert,
    Barry is absolutely correct. From the switch side, it is setting radius config in the switch to the ip for the ISE and supplying the key, 802.1x setup and ports will be next. Please refer to the sg300 admin guide. pg 391 and 392 specifically for radius-assigned-vlans. Please review Chapter 19 in total. It will inform you as to certain configuration parameters that will and will not work. For the ISE, it can be a location based rule or an attribute for particular users.

  • Cisco SG300 VLAN rate-limit

    I have a Cisco SG300 small business switch and 541 APs. There are 2 VLANs in our network. One must be limited by bandwidth. Does anyone have an idea for configure vlan rate-limiting on SG300? And please describe CIR & CBS for me. Thanks.

    http://www.cisco.com/en/US/partner/products/ps10898/prod_command_reference_list.html
    Cisco Small Business 300 Series Managed Switches Command Line Interface Guide Release 1.3
    Select CIR and CBS according to your design. You can use a larger CBS when performance is not ideal.
    49.23 rate-limit (VLAN)
    Use the Layer 2 rate-limit (VLAN) Global Configuration mode command to limit the
    incoming traffic rate for a VLAN. Use the no form of this command to disable the
    rate limit.
    Syntax
    rate-limit vlan-id committed-rate committed-burst
    no rate-limit vlan
    Parameters
    • vlan-id—Specifies the VLAN ID.
    • committed-rate—Specifies the average traffic rate (CIR) in kbits per second
    (kbps). (Range: 3-57982058)
    • committed-burst—Specifies the maximum burst size (CBS) in bytes.
    (Range: 3000-19173960)
    Default Configuration
    Rate limiting is disabled.
    Committed-burst-bytes is 128K.
    Command Mode
    Global Configuration mode
    User Guidelines
    Traffic policing in a policy map takes precedence over VLAN rate limiting. If a
    packet is subject to traffic policing in a policy map and is associated with a VLAN
    that is rate limited, the packet is counted only in the traffic policing of the policy
    map.
    This command does not work in Layer 3 mode. It does not work in conjunction with
    IP Source Guard.
    Example
    The following example limits the rate on VLAN 11 to 150000 kbps or the normal
    burst size to 9600 bytes.
    switchxxxxxx(config)# rate-limit 11 150000 9600

  • Dhcp for vlans

    hi all
    Can anyone tell me how come my switch knows only to issue my dhcp pool to the relevant vlan, the vlan and dhcp pool are are the same subnet, but what if I didnt have a vlan in that subnet, would it not issue them ?

    Hi Carl,
    I'm not entirely sure on what you mean, however I'll explain a bit on how I see your question.
    Basically a PC on a subnet will send a Layer2 Broadcast requesting an IP address and various other details. Therefore, you will find that in most cases the DHCP server should be on the same subnet to receive the broadcast frame.
    All your switch does is forward frames (unicast, broadcast and multicast) across the same Vlans that are configured. Generally speaking switches do not forward to different vlans unless you have configured a multilayer switch.
    The exception in the dhcp case is where you use a dhcp relay agent to forward dhcp requests across different subnets to a central dhcp server.
    Please let me know if this makes sense or not. I'm not quite sure what you mean if you didn't have a vlan in that subnet.
    Cheers
    Michael.

  • SA520 not giving DHCP on vlans

    I have a SA 520 security appliance. It will not give a DHCP address on a vlan.  I have the dhcp server defined on the vlan.  I have the port 1 set to that vlan and my computer plugged straight into the SA520 and it will not give my PC a dhcp address.  I built a span port and see dhcp discover messages coming from the PC but the SA is not responding.

    Hi Tony,
    Just make sure you have the currently available  firmware version 2.1.18 firmware loaded and running as the primary software on your security appliance. I must admit i factory reset my unit after the upgrade as well,
    But also check again at the end of the month, I believe maintenance release 4 of the firmware is also due out I believe later this month with some enhancements  built in.
    regards Dave

  • Dhcp across vlans

    How would I get my dhcp server to assign ip's accross multiple vlans ?

    Hi Carl,
    We have a feature called 'ip helper', where a layer 3 interface will take a UDP broadcast such as a DHCP discover and forward it to a specified unicast address, such as a DHCP server.
    the command is documented here:
    http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt1/1cdipadr.htm#wp1002104
    HTH,
    Bobby

  • Configure DHCP on VLAN

    Do anyone knows if DHCP can be configure on VLAN?

    Hello and good evening,
    You create a DHCP scope on a 3560 just like any other IOS DHCP configs ...here is a sample config:
    interface vlan 1
    ip add 1.1.1.1 255.255.255.0
    interface vlan 2
    ip address  2.2.2.1 255.255.255.0
    ip dhcp excluded-address 1.1.1.1 1.1.1.10
    ip dhcp excluded-address 2.2.2.1 2.2.2.10
    ip dhcp pool vlan1
       network 1.1.1.0 255.255.255.0
       domain-name cisco.com
       dns-server 4.4.4.2 4.4.4.1
       default-router 1.1.1.1
       lease 3
    ip dhcp pool vlan2
        network 2.2.2.0 255.255.255.0
        domain-name cisco.com
        dns-server 4.4.4.2 4.4.4.1
        default-router 2.2.2.1
       lease 3
    Here is the link for configuring IOS DHCP services:
    http://www.cisco.com/en/US/docs/ios/ipaddr/configuration/guide/iad_dhcp_svr_cfg_ps6441_TSD_Products_Configuration_Guide_Chapter.html
    Your proposed design is a good one, and you have obviously done your homework!  A nice design!
    I would say however, that this community is really more for Cisco Small Business products and your question is in reference to a Cisco traditional products.  I believe you will have a better experience by posting your question in the Cisco NetPro forums located here: http://forums.cisco.com/eforum/servlet/NetProf?page=main 
    That forum has subject matter experts on Cisco traditional products that may be able to answer your question. 
    HTH,
    Andrew Lee Lissitz

  • SG300 VLAN Trunk?

    I have recently been putting a SG300 through testing, and while the configuration is working, I am now at the stage of making sure everything is secure.  At this point I've reached a question I can't quite find the answer to:
    Current Setup:
    1 Port - Trunk Mode (1UP + Various VLANs Tagged)
    Other Ports - Access Mode (Various VLANs Untagged)
    The question comes as to how to deal with the Trunk Port.  Per Cisco's own "Virtual Lan Security Best Practices", the default/native VLAN should be cleared from all Trunks... unless I am misunderstaing I see no way to accomplish this with the SG300's port in Trunk Mode (it forces 1UP, and admit-all).
    The only other options I see as being possible are:
    Change Port to General Mode, and switch policy to admit-tagged-only, and leave 1UP on the trunk
    -or-
    Change Port to General Mode, and remove 1UP (but this forces the system to add 4095P, which per the documentation states it immediately disables all other VLANS?)
    Are either of these options valid/usable... or is there a better way to accomplish this?

    Well, to put an end to this saga:
    This really doesn't do what I thought it would, and I proved this out by sticking a BSD machine on the port and sniffing the interface with tcpdump:
    switchport mode general
    switchport general allowed vlan add 101,102,103 tagged
    switchport general acceptable-frame-type tagged-only
    switchport general pvid 4095
    This really does nothing.. it is the same as leaving the interface in just the default trunk mode with tagged vlans... control traffic is all sent out the interface untagged.
    Playing around with this some more, this is more interesting:
    switchport mode trunk
    switchport trunk allowed vlan add 101,102,103
    switchport default-vlan tagged
    This changes the interface to Trunk: 1T, 101T, 102T, 103T, 4095P (and makes web interface go goofy if you try to change it). Now control traffic (other then STP) is coming down the VLAN's as tagged.
    Oh well.... upstream device will just be configured to drop everything that is untagged and move on

  • Cisco RV180 problem with DHCP and Vlan

    Hi,
    I have a RV180 router and I need it mainly for routing a /26 subnet over three vlans
    VLAN ID
    IP Address
    Subnet Mask
    DHCP Mode
    DNS Proxy Status
    1
    82.xx.xx.xx
    255.255.255.192
    DHCP Server
    Enabled
    2
    192.168.10.1
    255.255.255.0
    DHCP Server
    Enabled
    3
    192.168.3.1
    255.255.255.0
    DHCP Server
    Enabled
    vlan 1 (default)
    will be the default one and will have the ip 82.x.x.x, on this vlan I want to put two webservers with static/external ip
    vlan2
    will be for office use with the ip 192.168.10.1. I need for this DHCP enabled to give computers the correct ip in form 192.168.10.x. I will be configuring the static DHCP later on for those comps.
    vlan3
    will be for management with the ip 192.168.3.1. I don’t need DHCP will be using a static ip.
    VLAN ID
    Description
    Inter VLAN Routing
    Device Management
    Port 1
    Port 2
    Port 3
    Port 4
    1
    Default
    Enabled
    Enabled
    Untagged
    Untagged
    Excluded
    Excluded
    2
    Vlan2
    Enabled
    Enabled
    Excluded
    Excluded
    Excluded
    Untagged
    3
    Vlan3
    Enabled
    Enabled
    Excluded
    Excluded
    Untagged
    Excluded
    Everything works, on port 1 the servers work with their static ip, on port 4 the office computers receive the correct ip from DHCP, 192.168.10.x and even on port 3 the dhcp works for my management ip. But randomly some computers start losing connectivity, some regain it but some won’t connect even if I use a static ip corresponding to their vlan. When I say they won’t connect I mean I can’t ping their gateway or the management ip of the router (all vlans have inter vlan routing enabled so no matter on what vlan I am, I can access the web interface for the router). It;s not from security settings on the computers or firewall.
    I discovered they will connect if I use the static ip corresponding to vlan1 82.xx.xx.xx, but not the ip corresponding to their port number. DHCP stops working for a while, it will recover randomly.
    What am I doing wrong? I don’t have other switches I could use for DHCP, I thought I could use some managed switches to solve the DHCP problem.
    Thanks,
    Razvan

    I tried with only two vlans and set the DHCP active only for the office "vlan2". Computers receive the correct ip but some of them won't register on the network, i tried to set the ip manualy on the computers but that computer will still be isolated.
    Ex: computer A receives ip 192.168.10.25, Subnet 255.255.255.0, Gateway 192.168.10.1, for 2-3 minutes i can access the router on 192.168.10.1 and the internet, after a random time interval the gateway won't even respond to ping.It's not from firewall related issues as i set to accept all both incoming and outgoing. If i set a manual ip corresponding to vlan1 "default" everything works.It's like that computer is isolated so i believe it has to do with the asignment of Tagged, untagged and Excluded settings on the vlans.

  • DHCP for VLAN on 4507; IP Conflicts too often

    I have seen a few similar posts, but nothing so far that fits my scenario, I think.
    I keep getting random users in this VLAN reporting IP conflicts. These desktop systems are left on 24/7. Right now, we only have one VLAN DHCP being served from this core switch.
    There are only 29 computers pulling DHCP on this VLAN, but I have a large range allocated to them for growth. These are desktop systems, so they don't swap network ports, and they don't have dual NICs, nor do they have WiFi. So I am at a lose as to why we would be seeing IP conflicts with such an obvious open pool of IPs, and with MAC addresses not changing. It has been my experience that pretty much unless something happens(offline for several days, NIC replacement, etc.) to the MAC every IP renewal gives the same IP back.
    Core#sho ip dhcp pool OUR-Workstations
    Pool OUR-Workstations :
    Utilization mark (high/low)    : 100 / 0
    Subnet size (first/next)       : 0 / 0
    Total addresses                : 254
    Leased addresses               : 28
    Excluded addresses             : 49
    Pending event                  : none
    1 subnet is currently in the pool :
    Current index        IP address range                    Leased/Excluded/Total
    10.1.32.183          10.1.32.1        - 10.1.32.254       28    / 49    / 254
    Core#sho ip dhcp binding
    Bindings from all pools not associated with VRF:
    IP address      Client-ID/              Lease expiration        Type       State      Interface
                    Hardware address/
                    User name
    10.1.32.50      0180.1f02.5f5e.b6       Dec 18 2013 11:34 PM    Automatic  Active     Vlan32
    10.1.32.51      01f0.4da2.2e9f.06       Dec 19 2013 07:57 AM    Automatic  Active     Vlan32
    10.1.32.54      01b8.ac6f.45b4.27       Dec 19 2013 09:54 AM    Automatic  Active     Vlan32
    10.1.32.55      0100.2564.c8bd.ea       Dec 19 2013 09:33 AM    Automatic  Active     Vlan32
    10.1.32.58      01b8.ac6f.45c4.97       Dec 19 2013 04:18 AM    Automatic  Active     Vlan32
    10.1.32.61      01b8.ac6f.3693.05       Dec 19 2013 05:12 AM    Automatic  Active     Vlan32
    10.1.32.62      01b8.ac6f.35f0.eb       Dec 19 2013 05:18 AM    Automatic  Active     Vlan32
    10.1.32.63      0100.2564.c8c7.ae       Dec 19 2013 12:26 AM    Automatic  Active     Vlan32
    10.1.32.65      01f0.4da2.2fba.66       Dec 19 2013 01:44 AM    Automatic  Active     Vlan32
    10.1.32.66      01b8.ac6f.46eb.b8       Dec 19 2013 01:05 AM    Automatic  Active     Vlan32
    10.1.32.67      01b8.ac6f.45c9.7a       Dec 18 2013 10:54 PM    Automatic  Active     Vlan32
    10.1.32.68      01b8.ac6f.45c3.dc       Dec 19 2013 07:12 AM    Automatic  Active     Vlan32
    10.1.32.70      01b8.ac6f.35f1.48       Dec 19 2013 05:15 AM    Automatic  Active     Vlan32
    10.1.32.88      01b8.ac6f.37bc.3e       Dec 19 2013 06:37 AM    Automatic  Active     Vlan32
    10.1.32.97      01b8.ac6f.368f.f5       Dec 19 2013 06:42 AM    Automatic  Active     Vlan32
    10.1.32.101     01b8.ac6f.45bb.9e       Dec 19 2013 06:17 AM    Automatic  Active     Vlan32
    10.1.32.110     01f0.4da2.2d47.5a       Dec 19 2013 06:17 AM    Automatic  Active     Vlan32
    10.1.32.118     01f0.1faf.1d37.97       Dec 19 2013 07:19 AM    Automatic  Active     Vlan32
    10.1.32.121     0100.2564.c95a.c1       Dec 19 2013 06:53 AM    Automatic  Active     Vlan32
    10.1.32.144     01b8.ac6f.1d37.34       Dec 19 2013 09:16 AM    Automatic  Active     Vlan32
    10.1.32.167     0100.2564.c94e.f0       Dec 19 2013 07:34 AM    Automatic  Active     Vlan32
    10.1.32.170     01e0.db55.e9d7.01       Dec 19 2013 07:38 AM    Automatic  Active     Vlan32
    10.1.32.171     0100.03ff.2eba.66       Dec 18 2013 01:20 PM    Automatic  Active     Vlan32
    10.1.32.178     0124.7703.f1c2.e5       Dec 18 2013 10:02 AM    Automatic  Selecting  Vlan32
    10.1.32.235     01f0.4da2.2c92.33       Dec 19 2013 09:53 AM    Automatic  Active     Vlan32
    10.1.32.238     01b8.ac6f.3649.aa       Dec 19 2013 05:21 AM    Automatic  Active     Vlan32
    10.1.32.241     01b8.ac6f.1d2a.2f       Dec 18 2013 10:08 PM    Automatic  Active     Vlan32
    10.1.32.247     01b8.ac6f.45b5.8f       Dec 19 2013 05:15 AM    Automatic  Active     Vlan32
    Not sure what the SELECTING status is for 10.1.32.178, but I assume I caught this at a point IP renewal.
    Core#sho ip dhcp server stat
    Memory usage         22449
    Address pools        1
    Database agents      0
    Automatic bindings   28
    Manual bindings      0
    Expired bindings     1178
    Malformed messages   294
    Secure arp entries   0
    Renew messages       2368
    Relay bindings                 0
    Relay bindings active          10
    Relay bindings terminated      0
    Relay bindings selecting       10
    Message              Received
    BOOTREQUEST          171602
    DHCPDISCOVER         2931675
    DHCPREQUEST          2680462
    DHCPDECLINE          271
    DHCPRELEASE          26
    DHCPINFORM           951950
    DHCPVENDOR           0
    BOOTREPLY            0
    DHCPOFFER            126
    DHCPACK              0
    DHCPNAK              0
    Message              Sent
    BOOTREPLY            0
    DHCPOFFER            8196
    DHCPACK              353198
    DHCPNAK              12769
    Message      Forwarded
    BOOTREQUEST          0
    DHCPDISCOVER         0
    DHCPREQUEST          0
    DHCPDECLINE          0
    DHCPRELEASE          0
    DHCPINFORM           0
    DHCPVENDOR           0
    BOOTREPLY            0
    DHCPOFFER            0
    DHCPACK              0
    DHCPNAK              0

    Hi,
    Cisco IOS DHCP service doesn't reallocate the same IP to a client that is renewing its binding, it will try to offer the next IP available that is not excluded manually or that either didn't receive a DHCPDECLINE or a positive reply to an icmp echo test or ARP test.It will circle like this upto end of pool and starting at start of pool again.
    Regards
    Alain
    Don't forget to rate helpful posts.

  • Dhcp to vlan

    Hi all, is it possible to set up dhcp on a firewall/router, someone has set up a dhcp on a firewall here that only gives out ip's to vlan 200, is that possible ?

    Hi
    its very much possible to setup dhcp services in a router but do revert whether you are using any VPN concentrator box out ther to assign ips to your local lan or else revert on what kinda firewall box has been installed over there to do the same.
    regds

  • DHCP and Vlan

    i've got a 1700 router with subinterface fast ethernet 2 assigned to vlan 2 with dot1q trunking.i want to setup dhcp on the router.the native vlan is not used.i'm only using vlan 2.will the hosts receive ip addresses automatically for vlan 2 or do i need to setup helper addresses ?

    Hi,
    You can indeed set up the router to be a DHCP server, which means that you will not need to configure any helper addresses.
    If a DHCPDISCOVER message comes in over your fastethernet sub-interface, the router will respond with an address.
    Here's a sample config:
    service dhcp
    ip dhcp pool DCHPPool1
    network ! network and mask you want to assign
    default-router ! ip address of router
    dns-server
    ip dhcp excluded-address
    (since you don't want it handing out addresses such as the router's address)
    Hope that helps - pls rate the post if it does.
    Regards,
    Paresh

Maybe you are looking for