Have you ever wondered how DHCP clients get IP addresses from servers not on their own subnet? This lab will discuss and demonstrate the configuration and verification of an IP DHCP helper addresses.
Real World Application & Core Knowledge
So have you ever wondered how a single DHCP server can provide DHCP IP addresses to every PC on the network when the DHCP server is not on the same broadcast domain? After all DHCP request are broadcast request right?
So I have an old Watchguard that is end of life. Planning an upgrade, but its not in the budget right now. Also need more Mobile VPN IPSEC licenses to connect with android devices, but can't purchase them because the unit is end of life. As a temporary measure, I have configured a linux based VPN concentrator behind the Watchguard. About IPSec VPN Negotiations The devices at either end of an IPSec VPN tunnel are IPSec peers. When two IPSec peers want to make a VPN between them, they exchange a series of messages about encryption and authentication, and attempt to agree on many different parameters. WatchGuard Remote Installation Service. #WG001101 Our Price: $595.00. IPSec Mobile VPN Premium client powered by NCP Technology. Includes support for two. IKEv2 incorporated with NAT-T – IKEv1 NAT-T is optional command. ?Description-NAT-T (NAT traversal) is now intergraded part of IKEv2 which means it default enable.NAT-T is required when VPN Gateway (Router) is behind the Proxy or Firewall performing NAT (Network address translation.
Many people wonder how this works but the answer is quite simple. It’s called an IP Helper address. DHCP IP Helper addresses are IP addresses configured on a routed interface such as a VLAN Interface or a routers Ethernet interface that allows that specific device to act as a “middle man” which forwards BOOTP (Broadcast) DHCP request it receives on an interface to the DHCP server specified by the IP Helper address via unicast.
To configure an IP helper address you’ll use the ip helper-address a.b.c.d in interface configuration mode on the interface that is connected to the broadcast domain in which you wish to provide DHCP IP addresses. For example, a VLAN interface or an Ethernet interface on a router connected to a Cisco switch or segregated by a layer 2 VLAN.
In this lab R1 and R2 are placed separate VLAN’s and you will create DHCP pools for each VLAN on R1 then configure an IP Helper address on SW1’s VLAN20 interface connecting to R2 VLAN to ensure that devices on that Ethernet segment can receive DHCP IP address from the DHCP Server (R1). You will test the DHCP and IP Helper configuration using R2 as a simulated host PC.
Familiarize yourself with the following new command(s);
Command | Description |
---|---|
ip helper-address a.b.c.d | This command is executed in interface configuration mode to enable a Layer 3 interface to receive BOOTP DHCP Request and forward them to a specified DHCP server. |
The following logical topology shown below is used in this lab;
Lab Prerequisites
- If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1
- Establish a console session with devices R1, R2 and SW1 than load the initial configurations provided below by copying the config from the textbox and pasting it into the respected routers console.