Has anyone tried this?
PIX 506e 6.3(5)
I'd like my VPN clients to get their IP addresses from our internal DHCP server, not the PIX. I can enable DHCP relay on the outside interface and point it at the internal DHCP server, but this just doesn't sound like a good idea. Would I have to permit inbound DHCP requests or, since it's inside a tunnel, would it pass through without opening up the firewall.
Ultimately I what I'm really after is a way to use DHCP to hand out the same address to a given workstation regardless if it is connected to the LAN or VPN. I have a feeling DHCP won't work for this even if it does relay the request.
Has anyone tried something like this, or has an idea how it may be accomplished?