|
Home > Archive > CCNP > September 2001 > To All you Cisco GURUS!!!!
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
To All you Cisco GURUS!!!!
|
|
| ac1122 2001-09-24, 11:27 am |
| Ok guys,
Lets see if anyone can help me out with this problem. This issue just happened Last week. I have a remote office connecting to my main office through a 128K Frame Relay connection. The users however are unable to receive an ip address through DHCP. The funny thing is if the user has an IP address and tries to renew the lease it is successful, but If it loses its IP address (ipconfig /release) and then we try to renew it is unable to receive one from the DHCP server. I have set up the (IP helper address), and I even set up an access list to debug traffic.
I did a (No IP route cache) on the interfaces.
Then...
access-list 199 permit IP any host (IP address of DHCP server)
access-list 199 permit IP host (IP address of DHCP server) any
Then I did
Debug IP Packet 199 detail.
I see no communication (to or from the DHCP server) when we do an (ipconfig /renew) on the pc.
If I assign a static IP to the pc everything works fine.
The PCs are directly connected to a hub which the Cisco 1601 router is connected to.
I also checked the DHCP server to make sure all the settings where correct, and I saw no issues with that. I don't have access to sniffer pro so that's out of the question. I'm just really stumped. Anything else I should try? | |
| strikeattack 2001-09-24, 1:54 pm |
| The first thing you need to do is remove the access-list from the interface. Access-lists are great, but only once you know everything is working should you try and apply one and begin restricting traffic.
The second thing is of course, make sure you remote lan is addressed appropriately. This includes making sure that the clients have a correctly loaded TCP/IP stack, you can ping the router's FE interface, and that the nodes and the router's FE interface are all in the same network ID.
This part is from memory, so bear with me...
If I remember correctly, when specifying helper-addresses, you need to use the command IP HELPER-ADDRESS <IP ADDRESS> on every interface that you want to begin forwarding on. By default, the IP FORWARD-PROTOCOL UDP command enables forwarding for ports associated with the following protocols: Trivial File Transfer Protocol, Domain Name System, Time service, NetBIOS Name Server, NetBIOS Datagram Server, Boot Protocol, and Terminal Access Controller Access Control System. I would make sure that this command is in your running-config.
Let me know if this helps. | |
| ac1122 2001-09-24, 2:17 pm |
| Thanks for the response. The only reason I set up the access list is to debug the router. Since I only want to see info from my DHCP server that is why I set up that access list.
If I didnt not do that and I just did a
Debug ip packet detail it would most likely crash the router TRUST me I crashed a 7206.
AS for the command ip helper address
By default, the ip helper-address command will forward these 8 UDP ports:
UDP PORT
Common Name.
69
TFTP
67
BOOTP Client
68
BOOTP Server
37
Time Protocol
49
TACACS
53
DNS
137
NetBios
138
NetBios Datagram
This is what I remember. The funny thing is, it WAS working at one point for a long time and then it just stopped.
Really intersting since no changes have been made.
I guess Im just frustrated thats all!!
I appreciate your help in the matter.
Thanks
ac1122 | |
| ac1122 2001-09-24, 3:09 pm |
| Got it figured it out.
My partner had put in the command
NO IP BOOTP Server
Thats why users were unable to get a DHCP address. I guess thats why when users were connected and their lease was about to expire ,they were able to connect to the DHCP server since they know were it is. And also I guess when they didnt not have an ip address e.g (ipconfig /release) and the NO IP BOOTP SERVER command was issued they had no way of initiating contact with the DHCP server????
Im just theorizing here.
Well in any case thanks for all your help.
Problem solved.
ac1122 | |
| strikeattack 2001-09-24, 3:56 pm |
| Great. Glad I was able to help. I was going to have you post a copy of your startup-config next, but that obviously won't be necessary now. What in the world was your partner thinking? |
|
|
|
|