Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
morris
Contributor

DHCP-relay through VPN-tunnel on centrally managed DAIP-SMB

Hey guys,

we are currently doing some PoC-stuff and started to have some issues regarding dhcp-relay.

Setup:

  • centrally managed DAIP-SMB
    • WAN-Port configured as Internet
      • DHCP behind DSL-Router (DSL-Router is Gateway for SMB)
      • 192.168.x.x
    • LAN1-Switch has 10.x.x.1/24
  • Management reachable through static-NAT on central Gateway 

We configured everything described in this article. And its working!

If SMB is DHCP-Server for LAN1-Switch, all devices connected to LAN1-Switch can connect to central network.

 

We observe that logs of tunnel_test are either between
Cluster-GW -Public-IP <-> DAIP from DSL Router
or
WAN-Port-Address-192.168.x.x <-> Cluster-GW -Public-IP

 

If we configure dhcp-relay for LAN1-Switch the SMB uses its WAN-Port-Address-192.168.x.x. But we expect to use its LAN1-Switch address 10.x.x.1.

Also if we connect via ssh or serial console to 10.x.x.1 and ping devices on central site, it uses 192.168.x.x instead of 10.x.x.1 

 

Did we miss something in the configuration or is this working as designed? Do you have some clue to solve this?

Regards,
Morris

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

I would assume we'd be using the IP of the interface nearest to the destination, which in this case would be the 192.168.x.x address.
As such, I expect this is working as designed.

0 Kudos
Dan_Cannon
Contributor

Under device, Advanced settings there is an option "DHCP Relay - Use internal IP addresses as source".  Set this to true and this will fix the issue...

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events