DHCP Address to 871W Public Interface - ACL Help

 
 
tom
Guest
Posts: n/a
 
      05-08-2006
I have a Cisco 871W, and I need help correctly creating an ACL that
will allow for the public-facing interface (fa4) to receive an IP from
my ISP.

With no ACL, I get an IP address with no issue. With an ACL that
actually does something (allowing some web and TS traffic), I will not
get a DHCP address (the implicit deny at the end).

I have tried permitting all traffic from the DHCP server (it uses a
private IP of 172.19.97.40), but still no DHCP. I tried permitting all
traffic from any source to ports 546 and 547, but again with no
success.

I can end my ACL with a permit all UDP, and I get an IP address via
DHCP, but of course I don't want to allow this.

My guess is that the second part of the DHCP process, where the DHCP
server sends the client an IP address but still using the broadcast
address, is where the problem is. I am not sure how to work around
this.

Thanks for your help.

-tom

 
tom
Guest
Posts: n/a
 
      05-08-2006
Figured it out -

For what it's worth, here's what I did. Rather than rely on the
implicit deny at the end of the ACL, I created a "deny udp any any log"
rule, and then looked to see what was being blocked. This is how I
found out the IP of the router in the depths of my ISP that was
forwarding the DHCP packets (totally forgot that since the DHCP packet
was going to be sent to 255.255.255.255, that it would have to be
forwarded by a router there). I permitted incoming from that router to
255.255.255.255, and all is well.

-tom
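
The method tom describes above (log what the final deny drops, then permit only the DHCP relay) can be scripted. The following is an added example, not part of the original thread: it scans IOS ACL log lines for denied DHCPv4 replies (UDP source port 67 to destination port 68) and builds a narrow permit entry for each source. The log lines, the ACL name OUTSIDE-IN and all addresses are constructed; 192.0.2.1 stands in for the ISP relay router.

```python
import re
from collections import Counter

# Constructed sample of IOS ACL log output, as produced once the ACL ends in
# "deny udp any any log". ACL name and addresses are placeholders.
SAMPLE_LOG = """\
*May  8 14:02:11.123: %SEC-6-IPACCESSLOGP: list OUTSIDE-IN denied udp 192.0.2.1(67) -> 255.255.255.255(68), 1 packet
*May  8 14:02:15.481: %SEC-6-IPACCESSLOGP: list OUTSIDE-IN denied udp 198.51.100.77(1434) -> 203.0.113.9(1434), 1 packet
*May  8 14:02:19.007: %SEC-6-IPACCESSLOGP: list OUTSIDE-IN denied udp 192.0.2.1(67) -> 255.255.255.255(68), 3 packets
*May  8 14:02:30.250: %SEC-6-IPACCESSLOGP: list OUTSIDE-IN denied tcp 198.51.100.20(4431) -> 203.0.113.9(23), 1 packet
"""

LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) denied (?P<proto>\w+) "
    r"(?P<src>[\d.]+)\((?P<sport>\d+)\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\), "
    r"(?P<count>\d+) packets?"
)

BOOTPS, BOOTPC = 67, 68  # DHCPv4: server/relay sends from 67 to client port 68


def denied_dhcp_replies(log_text):
    """Return Counter {(acl, src, dst): packets} for denied DHCPv4 replies."""
    hits = Counter()
    for m in LOG_RE.finditer(log_text):
        if (m["proto"] == "udp" and int(m["sport"]) == BOOTPS
                and int(m["dport"]) == BOOTPC):
            hits[(m["acl"], m["src"], m["dst"])] += int(m["count"])
    return hits


def suggested_permits(hits):
    """Build one narrow IOS ACE per denied relay/server, to sit above the deny."""
    return [
        f"permit udp host {src} eq bootps host {dst} eq bootpc"
        for (_acl, src, dst) in sorted(hits)
    ]


if __name__ == "__main__":
    found = denied_dhcp_replies(SAMPLE_LOG)
    for (acl, src, dst), pkts in found.items():
        print(f"{acl}: {pkts} DHCP reply packet(s) from {src} to {dst} denied")
    for ace in suggested_permits(found):
        print(ace)
```

The generated entry matches only bootps-to-bootpc traffic from the one relay, so the logged deny for all other UDP can stay in place.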

 
alanschmid@gmail.com
Guest
Posts: n/a
 
      06-02-2006
tom wrote:
> Figured it out -
>
> I permitted incoming from that router to
> 255.255.255.255, and all is well.
>
> -tom


Good job, tom. The last thing you would think that Cisco would do is
block outside broadcasts when you have set up a PPPOE connection.

I'm actually still having problems, but some of it could be Sprint's
latency around here, and the fact that I have a DSL modem circa 1845
(they're shipping a new one).

I've blown away all of the settings for incoming and outgoing and still
can't get a DHCP on that external dialer0 interface. I have a CCIE
sitting next to me that is mystified as well.

Silly Cisco... GUI is for kids!

Can you post your successful running config for me?

Much thanks,
Alan

 