831 Does not assign ip addresses

Hi All. I have a remote branch that uses a Cisco 831 as a DHCP server. The problem is, the router does not push out ip addresses. We have to manually set the ip address on each computer.

Can someone tell me what is wrong with this config?

Thanks

xxxx#sh run Building configuration...

Current configuration : 6803 bytes ! version 12.3 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname cal01rt01ec ! security passwords min-length 6 no logging buffered enable secret 5 xxx enable password 7 xxx !xxx no aaa new-model ip subnet-zero no ip source-route no ip domain lookup ip dhcp excluded-address 192.168.44.1 192.168.44.20 ! ip dhcp pool xxx import all network 192.168.44.0 255.255.255.0 default-router 192.168.44.1 netbios-name-server 172.17.2.60 172.17.2.30 domain-name xxx netbios-node-type h-node dns-server 172.17.2.60 xxxxxxx lease 3 ! ip dhcp pool jdirect1 host 192.168.44.18 255.255.255.0 hardware-address 000e.7fe6.05a1 client-name xxxx1 ! ip dhcp pool jdirect2 host 192.168.44.19 255.255.255.0 hardware-address 000e.7fe1.f31a client-name xxxx2 ! ! no ip bootp server ip cef ip inspect name DEFAULT100 cuseeme ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 netshow ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 smtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive ip inspect name DEFAULT100 icmp ip audit notify log ip audit po max-events 100 no ftp-server write-enable chat-script modem ABORT ERROR "" "ATDT\\T" TIMEOUT 60 CONNECT \\c ! ! ! ! crypto isakmp policy 11 hash md5 authentication pre-share crypto isakmp key 0 xxxxxx address xxxxxx ! ! crypto ipsec transform-set sharks esp-des esp-md5-hmac ! crypto map nolan 11 ipsec-isakmp set peer xxxxxx set transform-set sharks match address 121 ! ! ! ! interface Null0 no ip unreachables ! interface Ethernet0 description $FW_INSIDE$ ip address 192.168.44.1 255.255.255.0 ip access-group 101 in ip helper-address 172.17.255.255 ip helper-address 172.17.2.30 ip helper-address 172.16.255.255 no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip route-cache flow no ip mroute-cache no cdp enable hold-queue 32 in ! interface Ethernet1 description $FW_OUTSIDE$ ip address xxx 255.255.255.224 ip access-group 102 in ip verify unicast reverse-path no ip redirects no ip unreachables no ip proxy-arp ip nat outside ip inspect DEFAULT100 out ip route-cache flow no ip mroute-cache duplex auto no cdp enable crypto map nolan ! interface FastEthernet1 no ip address duplex auto speed auto ! interface FastEthernet2 no ip address duplex auto speed auto ! interface FastEthernet3 no ip address duplex auto speed auto ! interface FastEthernet4 no ip address duplex auto speed auto ! interface Async1 ip address 170.1.1.44 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp encapsulation ppp dialer in-band dialer idle-timeout 300 dialer string xxx dialer-group 1 keepalive 10 3 ppp authentication chap ! interface Dialer1 no ip address no ip redirects no ip unreachables no ip proxy-arp no cdp enable ! ip nat inside source route-map nonat interface Ethernet1 overload ip classless no ip forward-protocol udp netbios-ns no ip forward-protocol udp netbios-dgm ip forward-protocol udp netbios-ss ip forward-protocol udp 42508 ip route 0.0.0.0 0.0.0.0 xxxxx ip route 0.0.0.0 0.0.0.0 Async1 200 ip http server no ip http secure-server ! logging facility local0 logging 172.17.1.31 access-list 100 remark VTY Access-class list access-list 100 remark SDM_ACL Category=1 access-list 100 permit ip 192.168.0.0 0.0.255.255 any access-list 100 permit ip 172.17.0.0 0.0.255.255 any access-list 100 permit ip 172.16.0.0 0.0.255.255 any access-list 100 deny ip any any access-list 101 remark auto generated by SDM firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 deny ip xxxxxx 0.0.0.31 any access-list 101 deny ip host 255.255.255.255 any access-list 101 deny ip 127.0.0.0 0.255.255.255 any access-list 101 permit ip any any access-list 102 remark auto generated by SDM firewall configuration access-list 102 remark SDM_ACL Category=1 access-list 102 permit ahp host xxx host xxxx access-list 102 permit esp host xxx host xxxx access-list 102 permit udp host xxx host xxxx eq isakmp access-list 102 permit udp host xxxx host xxx eq non500-isakmp access-list 102 permit ip 172.17.0.0 0.0.255.255 192.168.44.0 0.0.0.255 access-list 102 permit ip 172.16.0.0 0.0.255.255 192.168.44.0 0.0.0.255 access-list 102 deny ip 192.168.44.0 0.0.0.255 any access-list 102 permit icmp any host xxx echo-reply access-list 102 permit icmp any host xxx time-exceeded access-list 102 permit icmp any host xxx unreachable access-list 102 deny ip 172.16.0.0 0.15.255.255 any access-list 102 deny ip 192.168.0.0 0.0.255.255 any access-list 102 deny ip 127.0.0.0 0.255.255.255 any access-list 102 deny ip host 255.255.255.255 any access-list 102 deny ip host 0.0.0.0 any access-list 102 deny ip any any log access-list 110 deny ip 192.168.44.0 0.0.0.255 172.16.0.0 0.0.255.255 access-list 110 deny ip 192.168.44.0 0.0.0.255 172.17.0.0 0.0.255.255 access-list 110 permit ip 192.168.44.0 0.0.0.255 any access-list 120 permit ip 192.168.44.0 0.0.0.255 172.16.0.0 0.0.255.255 access-list 120 permit ip 192.168.44.0 0.0.0.255 172.17.0.0 0.0.255.255 access-list 121 permit ip 192.168.44.0 0.0.0.255 172.17.0.0 0.0.255.255 access-list 121 permit ip 192.168.44.0 0.0.0.255 172.16.0.0 0.0.255.255 access-list 150 permit esp host xxxx host 0.0.0.0 access-list 150 permit udp host xxx host 0.0.0.0 eq isakmp access-list 150 permit ip any 192.168.44.0 0.0.0.255 dialer-list 1 protocol ip permit no cdp run route-map nonat permit 10 match ip address 110 ! banner login ^CC Bx Violators will be prosecuted Welcome to Cxxxx ! line con 0 password 7 xxx login local modem autoconfigure discovery modem enable transport output telnet stopbits 1 speed 115200 flowcontrol hardware line aux 0 login local transport output telnet line vty 0 4 access-class 100 in password 7 xxx login local transport input telnet ! scheduler max-task-time 5000 scheduler interval 500 ! end

Reply to
computertech33
Loading thread data ...

Your DHCP server config looks ok, I think.

With:

debug ip dhcp server events debug ip dhcp server packet

in effect, what do you see when a PC configured for DHCP does an ipconfig /renew ?

Aaron

Reply to
Aaron Leonard

Could be me not seeing it, but has the dhcp service been enabled? conf t service dhcp

Wouter

Reply to
wouter

~ > ~ Hi All. I have a remote branch that uses a Cisco 831 as a DHCP server. ~ > ~ The problem is, the router does not push out ip addresses. We have to ~ > ~ manually set the ip address on each computer. ~ > ~ ~ > ~ Can someone tell me what is wrong with this config?

~ Could be me not seeing it, but has the dhcp service been enabled? ~ conf t ~ service dhcp ~ ~ Wouter

That's funny; this is the first time I've ever heard of this "service dhcp" command.

It seems that "service dhcp" is enabled by default, so that's why you don't see it in the config.

Again, I'd just turn some debugs to see why DHCP isn't working.

Aaron

Reply to
Aaron Leonard

Could it be the helper addresses forwarding the DHCP requests to the servers specified before 'hitting' the pool?

Reply to
Al

~ Aaron Leonard wrote: ~ > On Wed, 8 Nov 2006 15:37:27 +0100, "wouter" wrote: ~ >

~ > ~ > ~ Hi All. I have a remote branch that uses a Cisco 831 as a DHCP server. ~ > ~ > ~ The problem is, the router does not push out ip addresses. We have to ~ > ~ > ~ manually set the ip address on each computer. ~ > ~ > ~ ~ > ~ > ~ Can someone tell me what is wrong with this config? ~ >

~ > ~ Could be me not seeing it, but has the dhcp service been enabled? ~ > ~ conf t ~ > ~ service dhcp ~ > ~ ~ > ~ Wouter ~ >

~ > That's funny; this is the first time I've ever heard of this "service dhcp" ~ > command. ~ >

~ > It seems that "service dhcp" is enabled by default, so that's why you don't see ~ > it in the config. ~ >

~ > Again, I'd just turn some debugs to see why DHCP isn't working. ~ >

~ > Aaron ~ ~ Could it be the helper addresses forwarding the DHCP requests to the ~ servers specified before 'hitting' the pool?

I like *this* theory.

Aaron

Reply to
Aaron Leonard

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.