none
DHCP issue RRS feed

  • Question

  • Hello

    I didn't foud a working answer on the web so here i come asking for your help.

    I have 2 Vlans on my network. 192.168.1.0/24 and 192.168.2.0/24

    1.0 is for computers and 2.0 for servers.

    i want to deploy a DHCP server on the 2.0 vlan to give IPs to the 1.0 VLAN (the server's IP is 192.168.2.6)

    currently, the DHCP is managed by my firewall and everything is OK but when i remove it from the firewall and activate my DHCP pool on my server, computers won t receive IP anymore.

    i tried rebooting the server, and i configured my switch with "ip helper-address all 192.168.2.6"

    Can you help me on this ?

    Thank you 

    Saturday, May 19, 2018 6:04 PM

All replies

  • Hi,

    Thanks for your question.

    Could you get servers’ IPs in vlan 2.0 from DHCP server?  May I know your switch model? Because the command for DHCP relay is not different between different switches.

    I observed that it will need to configure IP-helper address to the specific interface with vlan in Cisco Switch like the following. But I'm not very sure about the accuracy of this switch command, we best also consult the switch vendor.

    Here are links refer to configuring DHCP relay on cisco switch, it may be helpful.

    Cisco Switches Setup DHCP Relay

    http://www.techieshelp.com/cisco-switches-setup-dhcp-relay/

                   

    Configuring the Cisco IOS DHCP Relay Agent

    https://www.cisco.com/en/US/docs/ios/12_4t/ip_addr/configuration/guide/htdhcpre.html#wp1095442

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Hope this helps. I look forward hearing your good news. If you have any questions, please feel free to let me know.

    Have a nice day!

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com



    Monday, May 21, 2018 2:57 AM
  • Do you have access from problem workstation to DHCP server with manual entered address from pool (ping, etc.)? Run IPConfig /renew - will get an address or not? Are there not any rules on switch, like dhcp snooping?
    Monday, May 21, 2018 8:27 AM
  • Hi 

    thanks for your answer.

    the other servers have static IP's so they don't receive DHCP. 

    My switch is a cisco small business SG500

    IP helper address goes on the globa config of the switch no? or it has to go on each port ?

    Monday, May 21, 2018 5:13 PM
  • Hi. 

    Yes, i have acces to the DHCP server if i use a static address. I already tried all the ipconfig commands but it says that the DHCP server can't be reached

    Monday, May 21, 2018 5:14 PM
  • Hi 

    thanks for your answer.

    the other servers have static IP's so they don't receive DHCP. 

    My switch is a cisco small business SG500

    IP helper address goes on the globa config of the switch no? or it has to go on each port ?

    EDIT: After trying to configure a specific vlan or interface with the ip helper command, it looks like the small business series can only add the IP helper config on the global config, not a specific interface.
    Tuesday, May 22, 2018 12:05 AM
  • Hi,

    Based on this specific situation, we could set one computer in vlan 2.0 use DHCP to get its IP. If it can work, we can determine the DHCP server work fine.

    Then we're certain this issue is more related to the configuration of the Switch. Due to I'm also not familiar with this configuration, we best consult Cisco for support.

    Highly appreciate your effort and time. If you have any question and concern, please feel free to let me know.

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com


    Tuesday, May 22, 2018 3:03 PM
  • Hi Michael

    I tried settind one computer one the same vlan as the DHCP server but i didn't received any IP.

    so i tried conecting the computer directly on the server. i configured two scopes on the DHCP in order to test.

    one is giving 2.0 IPs and the other 1.0 IPs.

    when connected, the computer receives an IP of the 2.0 vlan which is normal since the server has a 2.0 static IP.

    But how can i configure the DHCP so the computer directly attached to it receives a 1.0 IP ? do i need to create a superscope ?

    thanks 

    Wednesday, May 23, 2018 7:11 PM
  • you'll want to look into tagged and untagged vlans sounds like you are tagging your ports. or as it looks like above if they are even tagged in the first place.

    :shrug: good luck

    Wednesday, May 23, 2018 7:14 PM
  • Hi Michael

    I tried settind one computer one the same vlan as the DHCP server but i didn't received any IP.

    so i tried conecting the computer directly on the server. i configured two scopes on the DHCP in order to test.

    one is giving 2.0 IPs and the other 1.0 IPs.

    when connected, the computer receives an IP of the 2.0 vlan which is normal since the server has a 2.0 static IP.

    But how can i configure the DHCP so the computer directly attached to it receives a 1.0 IP ? do i need to create a superscope ?

    thanks 

    My last test showed that even connected directly to the server, i don't receive the desired IP's. The first issue comes from the server then.
    Wednesday, May 23, 2018 10:26 PM
  • Also, i saw on the cisco forums that the IP helper address command doesn't work on small business series.

    the command is "ip dhcp relay address 192.168.2.6"


    Wednesday, May 23, 2018 10:28 PM
  • Hi,

    Sorry for my delay. How are things going on?

    You can simply configure the Switch by its command "ip dhcp relay address 192.168.2.6" for DHCP relay. Your original solution for this implementation is OK and not need Superscope. I think the point of the issue still is DHCP relay and the Switch configuration.

    In addition, if one computer on VLAN 2.0 can receive IP from DHCP server on VLAN 2.0 . We can confirm the DHCP server works well.

    Highly appreciate your effort and time. If you have any question and concern, please feel free to let know.

    Best regards,

    Michael 


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, May 25, 2018 3:01 PM
  • Hi

    thyanks for your reply

    the command IP DHCP relay is already configured on my switch and is enabled on my 1.0 vlan

    yes, the DHCP works but not exactly as i expected. 

    In my test, the computer receives a 2.0 IP from the server on 2.0 vlan.

    What i need is that this same computer receives a 1.0 IP from the server on the 2.0 vlan. 

    Is it technically possible for the DHCP to make this happen? or do i need the DHCP server to be on the 1.0 vlan necessarily?

    Thanks

    Friday, May 25, 2018 9:26 PM
  • Hello 

    can someone help me on this one ?

    i still can figure out where the problem is

    thanks 

    Thursday, May 31, 2018 2:56 PM
  • did you trunk the vlan your dhcp is NOT sitting on to the port your DHCP is on? did you configure routing between vlans? 

    it honestly just sounds like you are miles out of your depths here.

    Thursday, May 31, 2018 3:44 PM
  • Hi 

    the switchport the DHCP server is conneced on is like this 

    interface gigabitethernet4/1/19
     switchport trunk allowed vlan add 20
     switchport trunk native vlan 10 
    

    where vlan 20 is the server vlan and 10 is the PC vlan

    the other ports where laptops are connected are like this

    interface gigabitethernet4/1/18
     switchport trunk allowed vlan add 9 
     switchport trunk native vlan 10

    vlan 9 is VoIP

    and yes, there is intervlan routing between 10 and 20

    maybe i should tag these other ports with vlan 20 also no ?

    thanks for your help

    Thursday, May 31, 2018 4:36 PM
  • with this; have you statically set all of your clients to vlan 10 on each individual NIC of each individual client?
    Thursday, May 31, 2018 5:40 PM
  • with this added information too; i'm guessing the phones are not getting DHCP addresses as well?
    Thursday, May 31, 2018 5:42 PM
  • No, currently there is a DHCP service on the firewall and every computer receives dynamic IP s from it. 

    the DHCP of the firewall is leasing adresses in the 1.0 subnet. i just need to move this dhcp service to my windows server.

    The phones are getting DHCP adresses from the PBX that is in another subnet

    Thursday, May 31, 2018 6:10 PM
  • and since you still have not answered the question; i'll be blunt. 

    Do you know the difference between tagged and untagged vlans?

    Thursday, May 31, 2018 6:15 PM
  • well usually it's necessary to tag when the port is trunked and it's not necessary to tag if the port is access.

    so when there are vlan's on a switch, the ports are trunked and the traffic needs to be tagged right ?

    and untagged for access ports with no vlans

    thanks


    Thursday, May 31, 2018 7:09 PM
  • anddd there is the problem.

    vlan tagged vs untagged.

    Thursday, May 31, 2018 7:48 PM
  • Yeah i already googled it but i was hoping you could explain it to me more clearly.

    thanks

    Thursday, May 31, 2018 8:17 PM
  • Hi 

    the switchport the DHCP server is conneced on is like this 

    interface gigabitethernet4/1/19
     switchport trunk allowed vlan add 20
     switchport trunk native vlan 10 

    where vlan 20 is the server vlan and 10 is the PC vlan

    so; this is part of the problem. you are tagging the line you are connecting your server from for the client vlan.

    the rest of your problem. . . idk; you haven't shared the full config, even if you did, i won't go over it. good luck little buddy.

    Thursday, May 31, 2018 8:36 PM
  • mmm

    so if i get it right, the correct config would be 

    interface gigabitethernet4/1/19
     switchport trunk allowed vlan add 20

    for the server port ? this can be set as access like this no?

    interface gigabitethernet4/1/19
     switchport mode acces
     switchport access vlan 20

    and for the client ports, 

    interface gigabitethernet4/1/18
     switchport trunk allowed vlan add 9, 20
     switchport trunk native vlan 10

    am i completely wrong on this ?

    in case you change your mind, here is the full config with the two ports i mentionned you 

    Thank you very much for your time

    config-file-header SW-CORE v1.3.0.62 / R750_NIK_1_3_647_260 CLI v1.0 set system mode router queues-mode 4 file SSD indicator encrypted @ ssd-control-start ssd config ssd file passphrase control unrestricted no ssd file integrity control ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0 ! vlan database vlan 9,20,10 exit voice vlan id 9 voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00d01e Pingtel_phone___________ voice vlan oui-table add 00e075 Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ ip dhcp relay address 192.168.2.6 ip dhcp information option bonjour interface range vlan 1 hostname SW-CORE management access-list ssh permit service ssh exit no logging console ip http authentication aaa login-authentication none passwords aging 365 username admin password encrypted 7ff179133f1456f1ef8d412391f7e44ca6800203 privilege 15 username dimtel password encrypted a8232c8a301c884440c58c3a6b74e3433d808c93 privilege 15 username reader password encrypted 844af81c5dd22a9efbc6f8c2d27733687b7d8636 privilege 15 ip ssh server stack master unit 1 clock timezone " " 0 minutes 0 no ip domain lookup ip name-server 8.8.8.8 ip domain polling-interval 18 ! interface vlan 1 no ip address dhcp ! interface vlan 9 name voz ip address 192.168.227.251 255.255.255.0 ! interface vlan 20 name srv ip address 192.168.2.0 255.255.255.0 ! interface vlan 10 name datos ip address 192.168.1.0 255.255.255.0 ip dhcp relay enable ! interface gigabitethernet4/1/18 switchport trunk allowed vlan add 9 switchport trunk native vlan 10 ! interface gigabitethernet4/1/19 switchport trunk allowed vlan add 20 switchport trunk native vlan 10

    Thursday, May 31, 2018 9:09 PM
  • mmm

    so if i get it right, the correct config would be 

    interface gigabitethernet4/1/19
     switchport trunk allowed vlan add 20

    for the server port ?NO this can be set as access like this no? NO

    interface gigabitethernet4/1/19
     switchport mode acces
     switchport access vlan 20

    and for the client ports,NO

    interface gigabitethernet4/1/18
     switchport trunk allowed vlan add 9, 20
     switchport trunk native vlan 10

    am i completely wrong on this ? Yeah; kinda

    in case you change your mind, here is the full config with the two ports i mentionned you 

    Thank you very much for your time

    config-file-header SW-CORE v1.3.0.62 / R750_NIK_1_3_647_260 CLI v1.0 set system mode router queues-mode 4 file SSD indicator encrypted @ ssd-control-start ssd config ssd file passphrase control unrestricted no ssd file integrity control ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0 ! vlan database vlan 9,20,10 exit voice vlan id 9 voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00d01e Pingtel_phone___________ voice vlan oui-table add 00e075 Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ ip dhcp relay address 192.168.2.6 ip dhcp information option bonjour interface range vlan 1 hostname SW-CORE management access-list ssh permit service ssh exit no logging console ip http authentication aaa login-authentication none passwords aging 365 username admin password encrypted 7ff179133f1456f1ef8d412391f7e44ca6800203 privilege 15 username dimtel password encrypted a8232c8a301c884440c58c3a6b74e3433d808c93 privilege 15 username reader password encrypted 844af81c5dd22a9efbc6f8c2d27733687b7d8636 privilege 15 ip ssh server stack master unit 1 clock timezone " " 0 minutes 0 no ip domain lookup ip name-server 8.8.8.8 ip domain polling-interval 18 ! interface vlan 1 no ip address dhcp ! interface vlan 9 name voz ip address 192.168.227.251 255.255.255.0 ! interface vlan 20 name srv ip address 192.168.2.0 255.255.255.0 ! interface vlan 10 name datos ip address 192.168.1.0 255.255.255.0 ip dhcp relay enable ! interface gigabitethernet4/1/18 switchport trunk allowed vlan add 9 switchport trunk native vlan 10 ! interface gigabitethernet4/1/19 switchport trunk allowed vlan add 20 switchport trunk native vlan 10

    Nope; not changing my mind. Sorry bud; only teach those that work under me. Giggidy.
    Thursday, May 31, 2018 9:34 PM
  • Nope; not changing my mind. Sorry bud; only teach those that work under me. Giggidy.

    So... why are you even on this forum if not for helping others ?
    Thursday, May 31, 2018 10:49 PM
  • to reaffirm humanity is hopeless.
    Friday, June 1, 2018 2:31 PM
  • to reaffirm humanity is hopeless.

    that's kind of ironic since humanity is hopeless because of people like you :D

    anyway, is there someone in this forum willing to help please ?

    thank you


    Friday, June 1, 2018 5:11 PM
  • Bump; for this friendly fella' here.
    Thursday, June 14, 2018 8:07 PM