10-2
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 10 Configuring DHCP
Guidelines and Limitations
• If the number of hosts is unlimited, the maximum available DHCP pool is 256 addresses.
Note By default, the Cisco ASA 5505 adaptive security appliance ships with a 10-user license.
Guidelines and Limitations
Use the following guidelines to configure the DHCP server:
• You can configure a DHCP server on each interface of the adaptive security appliance. Each
interface can have its own pool of addresses to draw from. However the other DHCP settings, such
as DNS servers, domain name, options, ping timeout, and WINS servers, are configured globally
and used by the DHCP server on all interfaces.
• You cannot configure a DHCP client or DHCP relay services on an interface on which the server is
enabled. Additionally, DHCP clients must be directly connected to the interface on which the server
is enabled.
• The adaptive security appliance does not support QIP DHCP servers for use with DHCP proxy.
• When it receives a DHCP request, the adaptive security appliance sends a discovery message to the
DHCP server. This message includes the IP address (within a subnetwork) configured with the
dhcp-network-scope command in the group policy. If the server has an address pool that falls
within that subnetwork, the server sends the offer message with the pool information to the IP
address—not to the source IP address of the discovery message.
• For example, if the server has a pool in the range of 209.165.200.225 to 209.165.200.254, mask
255.255.255.0, and the IP address specified by the dhcp-network-scope command is
209.165.200.1, the server sends that pool in the offer message to the adaptive security appliance.
Failover Guidelines
Supports Active/Active and Active/Standby failover.
Firewall Mode Guidelines
Supported in routed and transparent firewall modes.
Context Mode Guidelines
Supported in single mode and multiple context mode.
•
Configuring DHCP Relay Services
The DHCP Relay pane lets you configure DHCP relay services on the adaptive security appliance.
DHCP relay passes DHCP requests received on one interface to an external DHCP server located behind
a different interface. To configure DHCP relay, you must specify at least one DHCP relay global server
and then enable a DHCP relay agent on the interface that receives DHCP requests.
This section includes the following topics:
• Editing DHCP Relay Agent Settings, page 10-4
• Adding or Editing Global DHCP Relay Server Settings, page 10-4