Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 2096 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP relay mit DHCP Server in AWS

Rene_B

Hallo zusammen,

Folgendes Setup:

Sophos SG230

10 vlans lokal

2 DHCP Server in AWS - windows server 2012

Scopes wurden entsprechend auf den Servern konfiguriert.

AWS VPN funktioniert, bgp routing auch, Firewall Regeln in AWS sind offen, DHCP relay server auf der Sophos für die Netze konfiguriert

Leider bekomme ich hinten dran am Client keine IPs zugewiesen.

Weder auf der Sophos, noch auf den DHCP Servern tauchen logs auf.

Jemand ne Idee womit ich das troubleshooting starten kann?

Greets

Rene



This thread was automatically locked due to age.
Parents
  • 0

    Hi Rene,

    soweit ich weiß ist DHCP Relay über VPN nicht möglich.

    Regards

    Jason

    Sophos Certified Architect - UTM

  • +2 in reply to Jason Klein

    Hello,

     well, its possible!

     1. you need to put all relevant interfaces including the external into the list

    2. you need to add a NAT rule

     

    3. create a respective Firewall Rule to allow DHCP traffic from local networks to AWS networks.

    Greets

    Rene

  • 0 in reply to Rene_B

    Hi  

    Thanks for the answer. Last I remember, it was not allowed to add the WAN interface in DHCP relay configuration and that's the reason we could not get it to work.

    However, since we're now able to add into (it must be one of the recent updates), using a SNAT(exactly like you did or you can be precise with services as DHCP), you can achieve that.

    Thanks for trying this out. I think we'll get a KBA for this.

    Regards

    Jaydeep

Reply
  • 0 in reply to Rene_B

    Hi  

    Thanks for the answer. Last I remember, it was not allowed to add the WAN interface in DHCP relay configuration and that's the reason we could not get it to work.

    However, since we're now able to add into (it must be one of the recent updates), using a SNAT(exactly like you did or you can be precise with services as DHCP), you can achieve that.

    Thanks for trying this out. I think we'll get a KBA for this.

    Regards

    Jaydeep

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML