Dear all expert, i have configure a remote access ipsec vpn in asa5510 and it is working fine when i configure local dhcp address pool assignment. but not working in dhcp-server below is my configuration tunnel-group test type remote-access tunnel-group test general-attributes default-group-poli

I see the same DHCP packets (discover, offer) in tcpdump on the MAG. The MAG logs say. VPN Tunneling: IP address cannot be allocated to user xxx. Solution: Check IP Address Pools / DHCP server state. I can't easily put the MAG and DHCP server on the same subnet; the MAG's internal and external interfaces are on two small VLANs on our router. Aug 03, 2017 · In my case our router DHCP assigns IPs from – The VPN server was configured with a static pool – Because the VPN range overlapped with the DHCP range we had to change VPN static pool to – A DHCP-client sends a broadcast message with a request "I need an IP-address" A DHCP-server catches it and sends back also a broadcast message "I have an IP-address x.x.x.x, do you want it?" The DHCP-client receives the message and sends another one: "Yes, I want the address x.x.x.x" The DHCP-server answers "Ok, then x.x.x.x belongs to you" VPN is configured as you say, DHCP enabled in VPN adapter settings, and even when client connect to the VPN with DHCP enabled, he is being assigned with subnet mask of which is wrong, no DHCP enabled, and no default gateway. VPN is up, i've tried disabling DHCP on home site, and enabling IP helper and pointing it to (office interface IP), allowed UDP 67:68. This was much easier with Sonic to Sonic :P 6 comments Jul 20, 2015 · I tried to change a mode config VPN to VPN with DHCP over IPSec and the command in phase 2 was not available. After I go to phase 1 and set mode config disable the command in phase 2 was available. conf vpn ipsec phase1-interface edit "dhcp_vpn" set mode-cfg disable end conf vpn ipsec phase2-interface edit "dhcp_vpn" set dhcp-ipsec enable end

