Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 11160 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP Relay Agent - GIADDR is not the source IP address

SteffenMüller

The setup: Sophos act as DHCP Relay Agent

  • Client Interface: eth7 (192.168.0.1)
  • Transit Interface to DHCP-Server: eth2 (192.168.10.1)
  • DHCP-Server 192.168.100.1 
  • Relay Agent is set to 192.168.100.1

Requests go through to DHCP-Server but the replies don't come back to the client or relay agent.

It looks like the problem is that the DHCPDISCOVER is being sent from eth2 (Transit interface) but, like the protocol stipulates, is being replied to via GIADDR (eth7).

It seems to me that the source IP address should be the GIADDR (192.168.0.1). I don't see how to configure this in the DHCP relay agent. Any ideas how to resolve the problem?



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Steffen, and welcome to the UTM Community!

    In the following, is 192.168.10.1 a typo and should that be 192.168.100.1?  If so, what is the correct address of the DHCP-Server?

     

    • Transit Interface to DHCP-Server: eth2 (192.168.10.1)
    • DHCP-Server 192.168.100.1 

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    I hope this picture help to understand the network topology.

  • 0 in reply to SteffenMüller

    It's still not clear what's happening in the transfer network and the two devices connected to it, but that may not be an issue.

    How does the UTM know how to reach 192.168.100.0/24?  Please show a picture of the 'DHCP Relay Configuration' in the UTM.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    With Policy Routing:

    Route Type: Gateway Route
    Source Interface: eth7
    Source Network: 192.168.0.0\24
    Service: Any
    Destination: Any
    Gateway: 192.168.10.2 (Endpoint of Transit-Network)

    DHCP-Relay Configuration:

    DHCP-Server: 192.168.100.1 
    Interfaces: eth2 & eth7

Reply Children
  • 0 in reply to SteffenMüller

    Why should the DHCP Server + Transfer Network even be able to reach eth7?  If I understand the intent, I don't think that IP on eth7 should be directly reachable.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML