Using DHCP with a Cisco VPN concentrator

Patrick Topping patrick.topping at hypermediasystems.com
Sat Jun 17 16:31:09 UTC 2006 

Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
I have been trying to get DHCP set up for (2) Cisco 3030 VPN
concentrators.  I have confirmed that the configuration on the devices
is correct but I am still not able to get an address from the DHCP
server.  I think the issue may be how the DHCP address is being
requested.  The VPN client are all on Windows XP and running the Cisco
VPN client.  Below is what I am seeing on the DHCP server when the
request is being relayed via the VPN concentrator:

Jun 16 19:03:05 scratchy dhcpd: DHCPDISCOVER from 00:03:a0:89:22:43 via
10.6.1.122: unknown network segment
Jun 16 19:03:07 scratchy dhcpd: DHCPDISCOVER from 00:03:a0:89:22:43 via
10.6.1.122: unknown network segment
Jun 16 19:03:11 scratchy dhcpd: DHCPDISCOVER from 00:03:a0:89:22:43 via
10.6.1.122: unknown network segment
Jun 16 19:03:19 scratchy dhcpd: DHCPDISCOVER from 00:03:a0:89:22:43 via
10.6.1.122: unknown network segment

I think the problem is the multiple DHCPDISCOVER requests coming from
the concentrator / VPN client.  Below is a section from a Microsoft
support site:

CAUSE
This problem occurs if all the following conditions are true:=20
=E2=80=A2
The client computer's lease of the
IP address has expired.
=E2=80=A2
The IP address that the client
computer was using is no longer
available.
=E2=80=A2
The client computer is using a
non-Microsoft DHCP server.
=E2=80=A2
The non-Microsoft DHCP server is
configured to ignore "duplicate"
DHCP discover messages
(DHCPDISCOVER).


RESOLUTION
To resolve this problem, configure the DHCP server to not ignore
"duplicate" DHCP discover messages. For example, if you are using a
Lucent VitalQIP DHCP server device, configure the CheckTransactionID=3D0
parameter in the Dhcpd.pcy file so that the DHCP server answers all DHCP
discover messages. Contact the manufacturer of your DHCP server device
for information about how to configure this setting.=20

With this resolution listed, is there a way to configure DHCP to not
ignore "duplicate" DHCP discover messages?  If anyone has used DHCP with
their Cisco VPN concentrators before and know how to make it work I
would great appreciate your help.  Thanks in advance.

-Patrick

More information about the dhcp-users mailing list