Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DHCP service - ASA5505

Status
Not open for further replies.
dciadmin

dciadmin

IS-IT--Management
May 10, 2002
34
I think this is a simple question:

We have an ASA5505 handling the DHCP for our business network. On our main Windows 2000 Server domain controller, we get an error in the Event Viewer every hour:

"the DHCP/BINL service has determined that it is not authorized to service clients on this network for the Windows domain: "

If I go to DHCP in the Admin Tools on the server, it tells me that I need to authorize the DHCP which would seem to tell me that it already knows that the windows 2000 server is not the DHCP server. It does however have the DHCP Server service started. Is this just a simple matter of disabling the DHCP Server service on the 2000 server? Any reason not too?

I guess this is a two part question .... I read some opinions that the DHCP function shouldn't be on the ASA5505 in the first place (it was put on there by a third party consultant). Is there advantage to having the windows 2000 server handle that function instead?

thanks for the help,

JL
 
Sort by date Sort by votes
If you are running a business network with a Windows Domain controller then really the ASA Firewall probably shouldn't be your users/servers default gateway... However if this is a very small network then it will work with either the ASA or the Windows Server as the DHCP server. I would recommend a layer-3 switch and a bit more structure in the network but each to their own...

If the only network you are providing DHCP for is the one the ASA is handling then you can disable the DHCP service on the Windows Server. However you could do it the other way around and disable DHCP on the ASA and configure it on the Windows Server. Since it is a DC then you would need to authorise it by right-clicking on the server in DHCP manager and clicking 'Authorise'.

I would look deeper at the infrastructure though as it sounds like the you don't have internal DNS (almost essential for Windows 2000+) and all your non-local traffic is being sent to the ASA.

Andy
 
Upvote 0 Downvote
Andy,

Thanks for the reply. We are a fairly small network and this whole system was kind of dumped on me years ago. I obviously don't have much experience but needed to keep it running. I am attempting to figure out how/why it was setup like it was. I have had to put my trust in the 3rd party people that have come in and set these things up.

Thanks for the suggestions. I will look into them further.

JL
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
61
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
71
brownmab53
brownmab53
joblack23
  • Locked
  • Question
asa5505 in rommon stuck
Replies
0
Views
52
joblack23
joblack23
joblack23
  • Locked
  • Question
ASA5505 port mapping
Replies
1
Views
52
imbadatthis
imbadatthis
neutec
  • Locked
  • Question
Adding another Public IP to ASA5505
Replies
1
Views
54
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top