DNS aging and DHCP lease
Hi all,
I have AD integrated DNS server. Need advise how to set DNS aging\scavenging based on DHCP lease time. I know how the process works. Found couple of articles where is written "DHCP
lease duration should match the “no-refresh + refresh” interval."
Why should DHCP lease be equal to the sum of non-refresh and refresh interval? From my point of view DHCP lease time should be more than DNS non-refresh interval (and less then non-refresh + refresh interval) so DNS clients are able to register new DHCP
assigned IP address to DNS within refresh period, right?
Are there any "rules" which tells me what's the best set up of all this timers?
Tomas
Hi all,
Why should DHCP lease be equal to the sum of non-refresh and refresh interval?
Because when Non-refresh and Refresh interval expires and the record is not updated it is considered as inactive as Ahmed said. My environment is based on
(NonRef+Ref) = Lease and works correctly. Just do not try to scavenge records on AD Integrated zones if DHCP lease is something like 2-3 days. Yo will end up in a confusion state with a lot of false
positives which are considered as inactive but actually they are not inactives!
Mahdi Tehrani |
|
www.mahditehrani.ir
Please click on Propose As Answer or to mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.
How to query members of 'Local Administrators' group in all computers?
Similar Messages
-
I have a Mac Pro running Snow Leopard and an Airport Extreme. Wake on Demand works as advertised and I am able to access any sharing service running on the Mac Pro, even if the computer is asleep . . . but only for about 24 hours.
My only problem is that it seemed every night the Mac Pro would no longer be available to my Macbook. Troubleshooting it tonight, I think the problem is that the Airport Extreme base station is not renewing the Mac Pro's DHCP lease.
The Mac Pro's lease had been visible in the Airport Extreme's list of leases all day. When the Mac Pro no longer appeared in my Macbook's Finder, I opened Airport Utility and noticed that the Mac Pro had dropped off in the list of DHCP lease holders. After walking down to my basement and waking the Mac Pro with the mouse, the Mac Pro is back in the list of lease holders and Wake on Demand works once again.
While in the basement, I often hear the Mac Pro waking up momentarily, which I understand is to update the Bonjour Sleep Proxy. Shouldn't it also do something to renew the DHCP lease? Is there a way to make this system work for more than 24 hours without extended the DHCP lease length on the Airport Extreme?
Thanks for the help.Hi mcewen. The Wake on Demand feature works with any service being advertised with Bonjour. The caveat with Web Sharing is that it only advertises itself with Bonjour if you've modified one of the default web pages. So all you have to do is go into the Sites folder in your Home directory, and make a change to the index.html file, and then turn off Web Sharing and turn it back on. That should get it to be advertised with Bonjour (you can verify this by going to the Bonjour bookmarks section in Safari to make sure your web page shows up). After that it will support Wake on Demand using Web Sharing.
-
Rogue DNS Settings appearing after initial DHCP lease
I am having issues with DNS settings changing on clients soon after allocation via DHCP. This is a workgroup only, no windows domain. DHCP is running from a Fortigate 60b which acts as the primary DNS server and Google DNS configured as secondary. The DHCP lease time is 8 days, these DNS changes can happen 3 times or more in a working day. The network consists of a single subnet, there is also an internal wireless network using Ubiquiti AP's.
1. Malware has been ruled out, having scanned machines with AV and Malware detection finding nothing.2. Have setup port mirroring on switch ports and scanned traffic for other sources of DHCP offer packets.. none found.3. When the DNS settings change they are different on each machine, but each time it is a valid IP for the network that can be found in the DHCP leases on the 60b.I was expecting to...
This topic first appeared in the Spiceworks CommunityI am having issues with DNS settings changing on clients soon after allocation via DHCP. This is a workgroup only, no windows domain. DHCP is running from a Fortigate 60b which acts as the primary DNS server and Google DNS configured as secondary. The DHCP lease time is 8 days, these DNS changes can happen 3 times or more in a working day. The network consists of a single subnet, there is also an internal wireless network using Ubiquiti AP's.
1. Malware has been ruled out, having scanned machines with AV and Malware detection finding nothing.2. Have setup port mirroring on switch ports and scanned traffic for other sources of DHCP offer packets.. none found.3. When the DNS settings change they are different on each machine, but each time it is a valid IP for the network that can be found in the DHCP leases on the 60b.I was expecting to...
This topic first appeared in the Spiceworks Community -
After one or two websites the search "freezes". To rectify this I need to go into "Network" and press "Renew DHCP Lease" on my imac 10.6.8TS1317 - Mac OS X: Troubleshooting a cable modem, DSL, or LAN Internet connectionAny help?
Check your computers time and date are correct, and updating to your location via Apple's servers.
WiFi, Internet problems, possible solutions -
My internet keeps going down and when I try to renew the DHCP lease it stops working altogether
Every couple of weeks my internet would go down, I would be surfing the web and suddenly my connection would fail. I would try renewing my DHCP lease and every time I did I would get an IPv4 address of 192.168.0.100. Originally, restarting the router would fix the problem but the past couple of times they needed a technician from the provider to fix it. Even using the Ethernet cable doesn't work either.
is there a reason why this keeps happening and how do I stop it from happening again? Is there anything I can try to fix it on my end?
my computer is a five year old MacBook, running OS X 10.9.4Having the same problem. Watched 25 minutes of a rental and it stopped with the message"unable to load video"
Using current version IPad mini.
Ios7 is HUGH PIECE OF CRAP!!!! -
Hi
does Snow Leopard have DNS & DHCP services in it ? how to make those role run and configure them ?
and how to make a server a domain controller "silly Windows History in my mind"does Snow Leopard have DNS & DHCP services in it
You mean Snow Leopard Server, right? In which case, yes.
how to make those role run and configure them ?
Click a checkbox or two in Server Admin (and add your domain/network-specific data, of course).
and how to make a server a domain controller "silly Windows History in my mind
Do you intend to make a Windows domain controller? If so, you can't. Mac OS X Server includes a Samba server which can handle parts of a Windows directory system, but it can't emulate a full Windows Active Directory server which has way more elements.
On the other hand, if you just mean to create a directory server for your network then, just like the DNS and DHCP server response above, you click a couple of checkboxes in Server Admin and add your directory-specific data via Workgroup Manager (one of the bundled Server apps). -
Radius, and DHCP DNS info
I have recently turned on the Radius server, and it seems to work fine, and has taken control of my Airport base station which is great. I only have one problem which is that the DHCP info provided by the server to the clients only seems to give one of the 2 DNS addresses that I have listed in the DHCP server info section. This is rather frustrating as it worked fine with WPA!
Any thoughts?I just upgraded from a 2008 domain to 2012. I followed all the best practices, set up new 2012 DC and transferred all roles to it then removed the 2008 server. I just have the one DC at the moment and it's running both DNS and DHCP. Ever since we've had some odd DNS issues which usually require a reboot of the server to fix. Now at this point I'm digging through DNS and DHCP and seeing that a lot of client IP addresses are not matching up. DNS does not have the correct IP's for several clients. How can I fix dns?
This topic first appeared in the Spiceworks Community -
Sles dns and dhcp; OR NOWS SBE dns and dhcp
Ok, I'm finally to the state of setting up dns and dhcp. From what I read the NOWS way is to set it up in the sbsadmin web interface. That seems to use different backend programs than the sles dns and dhcp programs. For instance I think I read that the NOWS uses dhcpd, whereas in yast it says it uses dhcp-server.
SHOULD I use the NOWS way, or the SLES way for dns and dhcp? Looks like the sles way is more easily configured and managed, but I don't know if it will not be functional for my NOWS users.Originally Posted by dwjrdto2000
After doing a lot more reading; specifically in the oes2 documentation, I am going to use the Novell dhcp and dns servers and administer them from the downloadable java console as explained in the documentation.
NOWS SBE doesn't provide a capability to manage DNS/DHCP other than by editing the config files. I would be much more comfortable doing what you are doing however you have to be careful. NOWS SBE sometimes installs modified OES components (or used to) so one never knows what to expect when deviating from a standard NOWS SBE install. -
MacBook Pro, Netcomm NB7Plus4W and Renewing DHCP Lease + Airport Express
Problem 1 - Internet Connection Problem
I am in a locatation with:
2 x Late 2011 Macbook Pros 0sX 10.7.3
1 X Mid 2010 Macbook Pro Osx 10.6.x
3 x iPhone 4 iOs5.x
1 x PC Windows XP
ADSL2 internet connection
Wireless Netcomm NB7Plus4W
The 2 x Macbook Pro's 0sX 10.7.3 have difficuly connecting to the internet after wake from sleep, restart etc. They connect to the wireless network okay however they are very slow to get online, usually about 3-5 minutes minimum. Usually what is required is openening System Prefs / Network / and renewing the DHCP lease, which reduces the Internet connection time by a couple of minutes.
Other devices connect okay.
Problem 2 - Airport Express extending wirelss network
I would like to add an airport express to the wireless network so music can be played through iTunes to a coneected sound system, however the instructions in Airport Express Help do not seem to work.
Thanks for your replies in advance
ChristoI don't think it can be a Leopard-specific issue, or even a MacBook or Airport one, 'cause I've been having the exact same problem for several weeks on my old G4 tower running 10.4.11 & connected by ethernet to a NetGear router. :\ In all user accounts it opens a few web pages then loses connection until I renew the DHCP lease - strangely, this seems to happen quicker while using Safari than Firefox, but that could be coincidental. When the G4 has lost its connection, both my 3G iPhone and my boyfriend's POS Dell laptop have no trouble connecting wirelessly.
I plan to try BDAqua's hardware test suggestion as soon as I have time to hunt for my Tiger install disks. Any other suggestions would be appreciated. -
What are DHCP settings and what is a DHCP lease
My macbook has decided to stop logging on to my wifi router automatically.
Seems the DHCP settings are wrong with an inappropriate IP address and Submask coded applied.
When I change them back manually to what they were the computer says it is logged on to internet but refuses to open any internet application?
I have tried the DHCP lease renewal prompt but still will not award appropriate IP or Submask codeHi RobertaMcC,
Are you having trouble with a Wi-Fi connection or a wired (Ethernet) connection to the internet? DHCP is a communications protocol that assigns each computer a unique IP address on the internet. I'll include the information you specifically requested first, and general troubleshooting steps as well.
OS X Yosemite: Renew an IP address from the DHCP server
https://support.apple.com/kb/PH18513?locale=en_US
Here is an overview of the troubleshooting steps for a Wi-Fi connection:
Wi-Fi: How to troubleshoot Wi-Fi connectivity - Apple Support
https://support.apple.com/en-ca/HT202222
Hope that helps ...
- Judy -
PXE and Windows eating up DHCP leases
Hi,
We've got three DHCP servers on three sites, running the ISC DHCP
daemon. We also have Zen for Desktops 7 on all three sites running on
Netware 6.5.
My problem is that when the PC boots, it ends up with two leases - one
for when the PXE runs, and another for when Windows boots! I've attached
an example of what happens, and the leases from the log files of the
server, to show what's happening. In a nutshell, it seems to be related
to the fact that the PXE session doesn't show a UID to the DHCP server,
but Windows does. As a result, DHCPD treats them as two different hosts,
and grants two leases. The only way around this right now is
ridiculously short leases, which results in very chatty workstations and
servers.
I tried the "deny duplicates;" setting in the dhcpd.conf, but that
doesn't seem to have worked. We have just over 50% of the DHCP pool
used, so as a result most PCs work, apart from the last ones on which
start showing 'No free leases' in the log file.
I'm going to upgrade the server to SLES10 soon (it's currently on an
ancient redhat install), but there's nothing in the changelogs relating
to duplicates that I could see, so I don't think it's a version issue.
Can anybody suggest anything to try and alleviate this problem? Is
anybody seeing this?
Regards,
====================== LOG FILES ============================
PXE Boot
========
Oct 27 11:46:08 ernie dhcpd: DHCPDISCOVER from 00:07:e9:f2:d3:13 via
192.168.200.2
Oct 27 11:46:09 ernie dhcpd: DHCPOFFER on 192.168.200.130 to
00:07:e9:f2:d3:13 via 192.168.200.2
Oct 27 11:46:10 ernie dhcpd: DHCPREQUEST for 192.168.200.130
(192.149.238.50) from 00:07:e9:f2:d3:13 via 192.168.200.2
Oct 27 11:46:10 ernie dhcpd: DHCPACK on 192.168.200.130 to
00:07:e9:f2:d3:13 via 192.168.200.2
Oct 27 11:46:10 ernie dhcpd: DHCPREQUEST for 192.168.200.130
(192.149.238.50) from 00:07:e9:f2:d3:13 via 192.168.200.3
Oct 27 11:46:10 ernie dhcpd: DHCPACK on 192.168.200.130 to
00:07:e9:f2:d3:13 via 192.168.200.3
lease 192.168.200.130 {
starts 5 2006/10/27 10:46:10;
ends 5 2006/10/27 10:56:10;
binding state active;
next binding state free;
hardware ethernet 00:07:e9:f2:d3:13;
lease 192.168.200.130 {
starts 5 2006/10/27 10:46:10;
ends 5 2006/10/27 10:56:10;
binding state active;
next binding state free;
hardware ethernet 00:07:e9:f2:d3:13;
Windows Boot
============
Oct 27 11:47:11 ernie dhcpd: DHCPDISCOVER from 00:07:e9:f2:d3:13 via
192.168.200.2
Oct 27 11:47:12 ernie dhcpd: DHCPOFFER on 192.168.200.65 to
00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.2
Oct 27 11:47:12 ernie dhcpd: DHCPREQUEST for 192.168.200.65
(192.149.238.50) from 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.2
Oct 27 11:47:12 ernie dhcpd: DHCPACK on 192.168.200.65 to
00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.2
Oct 27 11:47:12 ernie dhcpd: DHCPREQUEST for 192.168.200.65
(192.149.238.50) from 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.3
Oct 27 11:47:12 ernie dhcpd: DHCPACK on 192.168.200.65 to
00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.3
lease 192.168.200.65 {
starts 5 2006/10/27 10:47:12;
ends 5 2006/10/27 10:57:12;
binding state active;
next binding state free;
hardware ethernet 00:07:e9:f2:d3:13;
uid "\001\000\007\351\362\323\023";
client-hostname "BCUC-6D8215E8EA";
lease 192.168.200.65 {
starts 5 2006/10/27 10:47:12;
ends 5 2006/10/27 10:57:12;
binding state active;
next binding state free;
hardware ethernet 00:07:e9:f2:d3:13;
uid "\001\000\007\351\362\323\023";
client-hostname "BCUC-6D8215E8EA";
David Rickard
ICT Security Officer
david dot [email protected], 01494 522141 Ext: 3531
Information & Communication Technologies
Buckinghamshire Chilterns University College
Queen Alexandra Road, High Wycombe, BUCKS, HP11 2JZDavid Rickard wrote:
> Hi,
>
> We've got three DHCP servers on three sites, running the ISC DHCP
> daemon. We also have Zen for Desktops 7 on all three sites running on
> Netware 6.5.
>
> My problem is that when the PC boots, it ends up with two leases - one
> for when the PXE runs, and another for when Windows boots! I've attached
> an example of what happens, and the leases from the log files of the
> server, to show what's happening. In a nutshell, it seems to be related
> to the fact that the PXE session doesn't show a UID to the DHCP server,
> but Windows does. As a result, DHCPD treats them as two different hosts,
> and grants two leases. The only way around this right now is
> ridiculously short leases, which results in very chatty workstations and
> servers.
>
> I tried the "deny duplicates;" setting in the dhcpd.conf, but that
> doesn't seem to have worked. We have just over 50% of the DHCP pool
> used, so as a result most PCs work, apart from the last ones on which
> start showing 'No free leases' in the log file.
>
> I'm going to upgrade the server to SLES10 soon (it's currently on an
> ancient redhat install), but there's nothing in the changelogs relating
> to duplicates that I could see, so I don't think it's a version issue.
>
> Can anybody suggest anything to try and alleviate this problem? Is
> anybody seeing this?
>
> Regards,
>
>
> ====================== LOG FILES ============================
>
> PXE Boot
> ========
>
> Oct 27 11:46:08 ernie dhcpd: DHCPDISCOVER from 00:07:e9:f2:d3:13 via
> 192.168.200.2
> Oct 27 11:46:09 ernie dhcpd: DHCPOFFER on 192.168.200.130 to
> 00:07:e9:f2:d3:13 via 192.168.200.2
> Oct 27 11:46:10 ernie dhcpd: DHCPREQUEST for 192.168.200.130
> (192.149.238.50) from 00:07:e9:f2:d3:13 via 192.168.200.2
> Oct 27 11:46:10 ernie dhcpd: DHCPACK on 192.168.200.130 to
> 00:07:e9:f2:d3:13 via 192.168.200.2
> Oct 27 11:46:10 ernie dhcpd: DHCPREQUEST for 192.168.200.130
> (192.149.238.50) from 00:07:e9:f2:d3:13 via 192.168.200.3
> Oct 27 11:46:10 ernie dhcpd: DHCPACK on 192.168.200.130 to
> 00:07:e9:f2:d3:13 via 192.168.200.3
>
> lease 192.168.200.130 {
> starts 5 2006/10/27 10:46:10;
> ends 5 2006/10/27 10:56:10;
> binding state active;
> next binding state free;
> hardware ethernet 00:07:e9:f2:d3:13;
> }
> lease 192.168.200.130 {
> starts 5 2006/10/27 10:46:10;
> ends 5 2006/10/27 10:56:10;
> binding state active;
> next binding state free;
> hardware ethernet 00:07:e9:f2:d3:13;
> }
>
> Windows Boot
> ============
>
> Oct 27 11:47:11 ernie dhcpd: DHCPDISCOVER from 00:07:e9:f2:d3:13 via
> 192.168.200.2
> Oct 27 11:47:12 ernie dhcpd: DHCPOFFER on 192.168.200.65 to
> 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.2
> Oct 27 11:47:12 ernie dhcpd: DHCPREQUEST for 192.168.200.65
> (192.149.238.50) from 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.2
> Oct 27 11:47:12 ernie dhcpd: DHCPACK on 192.168.200.65 to
> 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.2
> Oct 27 11:47:12 ernie dhcpd: DHCPREQUEST for 192.168.200.65
> (192.149.238.50) from 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.3
> Oct 27 11:47:12 ernie dhcpd: DHCPACK on 192.168.200.65 to
> 00:07:e9:f2:d3:13 (BCUC-6D8215E8EA) via 192.168.200.3
>
> lease 192.168.200.65 {
> starts 5 2006/10/27 10:47:12;
> ends 5 2006/10/27 10:57:12;
> binding state active;
> next binding state free;
> hardware ethernet 00:07:e9:f2:d3:13;
> uid "\001\000\007\351\362\323\023";
> client-hostname "BCUC-6D8215E8EA";
> }
> lease 192.168.200.65 {
> starts 5 2006/10/27 10:47:12;
> ends 5 2006/10/27 10:57:12;
> binding state active;
> next binding state free;
> hardware ethernet 00:07:e9:f2:d3:13;
> uid "\001\000\007\351\362\323\023";
> client-hostname "BCUC-6D8215E8EA";
> }
>
Hi,
Just following this one up. It's still happening!
I tried using 'deny duplicates' in the dhcpd.conf, and it seemed to work
for a while, but it's still happening; I think we just had a low number
of PCs switched on!
We're on ZfD 7 SP1, Hotfix 3, with the Hotfix 4 PXE files installed
(Hotfix 4 came out about a week after I installed hotfix 3!).
Anyway, it's still happening and driving me to distraction. Of about
140-something hosts, they're using twice as many leases as they should,
so they're back on 10-minute leases, just to recycle them fast enough.
Anybody have any suggestions?!
David Rickard
ICT Security Officer
[email protected], 01494 522141 Ext: 3531
Information & Communication Technologies
Buckinghamshire Chilterns University College
Queen Alexandra Road, High Wycombe, BUCKS, HP11 2JZ -
Any reason why my MacBook Pro keeps dropping the WiFi signal - will be fine for ages and then just drops it! Does it at home and work so not either broadband connection
jp270759 wrote:
Hi. MAny thanks for the answer. Am new to Apple - what's the "real" MacBook Pro forum?
I would like to know also!
For your issue - Solution may be found if you search in the "More Like This" section over in the right column.
Change your router channel. Sometimes this is all you will have to do.
Power cycling the router. Read the router's user manual or contact their tech support for instructions.
System Preferences/Internet & Network/Network
Unlock the padlock
Locations: Automatic
Highlight Airport
Click the Assist Me button
In the popup window click the Diagnostic button.
System Preferences/Network- Unlock padlock. Highlight Airport. Network Name-select your name. Click on the Advanced button. Airport/Preferred Networks-delete all that is not your network.
Place a check mark next to "Remember networks this computer has joined." Click the OK button and lock the padlock. Restart your computer.
http://support.apple.com/kb/TS1920 Mac OS: How to release and renew a DHCP lease
No internet connection (wireless)
Check to see if an extra entry is present in the DNS Tab for your wireless connection (System Preferences/Network/Airport/Advanced/DNS).
Delete all extra entries that you find.
Place a check mark next to "Remember networks this computer has joined."
Other resources to check into:
Troubleshooting Wi-Fi issues in OS X Lion and Mac OS X v10.6
Netspot
How to diagnose and resolve Wi-Fi slow-downs
Pv6 troubleshooting
Mac OS X 10.6 Help: Solving problems with connecting to the Internet
What Affects Wireless Internet?
Solutions for connecting to the Internet, setting up a small network, and troubleshooting -
Apple built-in vpn client and dhcp hostnames
We have a number of Mac clients in our office which uses MS for dhcp and dns.
I've noticed that the mac clients when wired directly into the office network successfully get a dhcp lease and report their hostnames accurately to the dhcp server. However when these same clients connect to the office network via VPN (using the built-in vpn utility with Cisco IPSEC) they get a dhcp lease as expected, but do not register a hostname with the lease on the dhcp server. The lease is assigned to a blank hostname.
I assume this is a pretty common issue. Has anyone found a way to configure the vpn client to send the hostname along with the connection, either via the client config or through some other method?
Thanks.The VPN server is a Cisco 3030, however only the Mac clients have this issue. Windows and linux clients report their hostnames to dhcp properly even when VPN connected.
-
Needing to Renew DHCP Lease every five minutes to stay online
I experienced ALL the networking and DNS problems since my Leopard install, but adding OpenDNS servers to my router cured the problem. For two months, anyway. Now, in the last week, I've got problems again, and now the only thing that cures the suddenly dead network connection is to simply Renew DHCP Lease. Instantly my connection works again. But I'm needing to do this LITERALLY every five or ten minutes. Once I do this, it returns me the same IP address (as my router is set to do so), and all works again. Monitoring outbound network activity, I can see continuous failed requests to resolver1.openDNS.com and resolver2.openDNS.com. Barring waiting until 10.5.2, which we all hope resolves these problems (hur hur), any ideas?
I have had wireless problems intermittently for a year, and seriously for 6 weeks. Apple denied the issue and was no help in spite of many tens of thousands of people on their own discussions complaining. I found a post suggesting a couple of things which fixed the problem. I don't know if both are necessary, but the first by itself does not solve the problem.
Lock the channel of your router to channel 1, apparently Apple and 802.11n don't play well together on higher channels. When this becomes a standard this will be resolved I hope.
Open your network preferences, select 'airport' and advanced. Delete unused networks. Select your network.
Open TCP/IP and write down all the settings, configure iPv4 manually. Enter the settings manually. Turn off IpV6.
Open DNS and write down your DNS server. Delete it and re-enter it manually.
This has worked on 2 macbooks and an iMac for the last 3 weeks with no network drops.
Joe Shea
Philadelphia -
DHCP Server is not passing out DHCP Leases
I can't seem to figure out why DHCP server is not passing out DHCP lease a client?
Also I can't seem to figure out why NVI0 interface is UP? I have setup another box similarly and NVI0 is down on that and the DHCP server is working fine on that too. Strange!
I am working on CISCO 881 VPN Router...Please have a look at it and let me know. Thanks
Here is the configuration in the box...
sh run
Building configuration...
Current configuration : 6543 bytes
! Last configuration change at 17:09:54 CST Fri Sep 14 2012 by XXXXX
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname XXXXX
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
aaa new-model
aaa authentication login default local
aaa authentication login vpn_xauth_ml_1 local
aaa authentication login sslvpn local
aaa authorization network vpn_group_ml_1 local
aaa session-id common
memory-size iomem 10
clock timezone CSTime -6
clock summer-time CST recurring
crypto pki trustpoint TP-self-signed-3079619067
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3079619067
revocation-check none
rsakeypair TP-self-signed-3079619067
crypto pki certificate chain TP-self-signed-3079619067
certificate self-signed 01
30820252 308201BB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303739 36313930 3637301E 170D3132 30393134 31393231
32375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30373936
31393036 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100993C D622004B F3AEA1E5 81106C28 36EC52D0 5435ABC3 8912095F 3641168A
B67D97AF AEB43CF3 00A00EB5 702FA355 9F58EBEF F42294DC 0E32CF40 E17D372A
3BC36401 55EDBA5C 910B7A51 89D709A8 7EAB3FF0 E4C99D34 CBE3F316 069C0E16
BC284055 35E3D762 463DABF6 852C4E7A D2EF45A4 21F08689 4DF17870 9E2A6C27
1BFB0203 010001A3 7A307830 0F060355 1D130101 FF040530 030101FF 30250603
551D1104 1E301C82 1A506F70 6C617276 696C6C65 2E796F75 72646F6D 61696E2E
636F6D30 1F060355 1D230418 30168014 64EA4CAE 2029E4C2 702584C6 B5732464
5C9DA38A 301D0603 551D0E04 16041464 EA4CAE20 29E4C270 2584C6B5 7324645C
9DA38A30 0D06092A 864886F7 0D010104 05000381 81006C27 96E06B83 04DBDA81
EEB0AF35 84ED370E A8C9694E F9B9326D 69CB1043 9C396D7B 760D252F 4881926D
878E434F 9AFC3E6D A5BF43F2 E619D6EC F45C039A 5FFB478F A99F7EE5 274E37D5
11976FDE 823FD1A9 700203E5 67A329B3 F4CF45F0 245757C8 E2349276 B13414D1
017616FA 38A40BA8 42545AC5 C7676D21 29E4F491 CADB
quit
ip source-route
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1 192.168.100.101
ip dhcp excluded-address 192.168.1.254
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
ip dhcp pool Internal_Network
network 192.168.1.0 255.255.255.0
dns-server 192.168.100.254
default-router 192.168.1.254
ip cef
ip domain name yourdomain.com
ip name-server 192.168.100.254
no ipv6 cef
license udi pid CISCO881-K9 sn FTX1604828T
username XXXXX privilege 15 secret 5 $1$QEcR$96cmvs/h/.05G6BnorcWG/
username XXXXX secret 5 $1$PQQ1$3.Vin0i/2uZ/KD0xEJ8GC.
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp policy 2
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp client configuration group YYYYYYY
key XXXXX_XXXXX_XXXXX
pool VPN-Pool
acl VPN-Access-List
crypto isakmp profile vpn-isakmp-profile-1
match identity group YYYYYYY
client authentication list vpn_xauth_ml_1
isakmp authorization list vpn_group_ml_1
client configuration address respond
virtual-template 2
crypto ipsec transform-set encrypt-method-1 esp-3des esp-sha-hmac
crypto ipsec profile VPN-Profile-1
set transform-set encrypt-method-1
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description WAN_INTERFACE
ip address 192.168.100.3 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface Virtual-Template2 type tunnel
ip unnumbered FastEthernet0
tunnel mode ipsec ipv4
tunnel protection ipsec profile VPN-Profile-1
interface Vlan1
description VLAN1_INTERFACE
ip address 192.168.1.254 255.255.255.0
no ip redirects
no ip unreachables
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
ip local pool VPN-Pool 192.168.1.151 192.168.1.200
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 100 interface FastEthernet4 overload
ip nat inside source static tcp 192.168.1.100 21 192.168.100.3 21 extendable
ip nat inside source static tcp 192.168.1.100 80 192.168.100.3 80 extendable
ip route 0.0.0.0 0.0.0.0 192.168.100.254
ip access-list extended VPN-Access-List
permit ip 192.168.1.0 0.0.0.255 any
permit tcp host A.B.C.D host 192.168.1.100 eq ftp
permit tcp host A1.B1.C1.D1 host 192.168.1.100 eq ftp
permit tcp host A2.B2.C2.D2 host 192.168.1.100 eq ftp
permit tcp 192.168.1.0 0.0.0.255 host 192.168.1.100 eq ftp
permit tcp host A3.B3.C3.D3 host 192.168.1.100 eq ftp
permit tcp any host 192.168.1.100 eq XXX
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 23 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
no cdp run
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner motd ^C XXXXX-XXXXX VPN Router ^C
line con 0
exec-timeout 30 0
logging synchronous
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password 7 124A50424A5E5550
transport input telnet ssh
scheduler max-task-time 5000
endHi Jennifer,
I have gotten it resolved. Per your suggestion, I have turned on debug ip dhcp events and found that POOL EMPTY message. After little research, I found out that I have made a mistake in my excluded-address range.
I have had it as
ip dhcp excluded-address 192.168.1.1 192.168.100.101
It should have been
ip dhcp excluded-address 192.168.1.1 192.168.1.101.
It was a typo.
Thank you for the suggestion.
Srini
Maybe you are looking for
-
Help! I dont want to lose my music!
I received my Ipod as a gift from my roommate years ago. She had a Mac so we formatted it on her computer. Now I no longer live with her and I just bought a PC because it was half the price of a Mac book. Itunes on my PC is telling me that windows wi
-
Adobe Reader 9 keep crashing on a Terminal Server
Here is the windows error message that comes back everyday: Log Name: Application Source: Application Error Date: 2012-07-04 10:41:00 Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User:
-
Color Bars and tone in FCP X?
Just downloaded FC"P" X and having a look around I cant find Color Bars or Tone anywhere...? Did a quick search on the help... but couldn't find anything. Surely I must be missing something here - they must be available right!!? I know I could output
-
Adjusting chunk size for virtual harddisks
My data partition with VHD images is constantly run out of space. So I decided to repartition the drive in the next days. While doing that, I will redo most or all images files to sparsify the data inside the guest. There is one issue: To reduce the
-
Cisco Interaction Manager and PCCE
Having an issue trying to integrate CIM 9.0(2) with PCCE 9.0(4). Emails are not being delivered to integrated queue's. Looking into the DB the activities are not being queued to CCE at all. TAC is following the path that this is related to ECC varia