Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-19-2018 03:23 PM
Hi
So I want to get my VOIP phones to dhcp to the vPBX.
Phone are on a vlan in the office vPBX is in the DC
so vlan for phone -> PA -> vlan -> arista switch -> vlan -> PA (clustered A/A) -> vlan -> vPBX
So I can setup DHCP relay on the first PA and I can set the DHCP server as being the ip of the vPBX, and I believe as it will be a unicast and not broadcast it should make it there.
But I am think of the response how does it make it back as it will be a broadcast response ...
can I do it ?
02-19-2018 03:44 PM
Hi @Alex_Samad
On the first PA you need to configure a DHCP relay agent (https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/networking/dhcp/configure-an-interfa...)
This DHCP relay agent keeps track of the received DHCP requests to that rhe unicast reply from the DHCP server will find its way back to the device which sent the broadcast request.
02-19-2018 03:57 PM
The way back is only a unicast which the PA (with DHCP relay agent) then forwards to the right device based on the mac address
02-20-2018 09:04 AM
Hello,
As @Remo state is will work. I have a similar setup and all you need is the DHCP relay setup on the PAN that is performing the relay. The reply addresss becomes the PAN's IP and hte PAN knows where to send it based on MAC address.
Also make sure to allow the DHCP applications/ports on both PANs.
Regards,
02-19-2018 03:44 PM
Hi @Alex_Samad
On the first PA you need to configure a DHCP relay agent (https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/networking/dhcp/configure-an-interfa...)
This DHCP relay agent keeps track of the received DHCP requests to that rhe unicast reply from the DHCP server will find its way back to the device which sent the broadcast request.
02-19-2018 03:48 PM
Hi
are you suggesting that the dhcp server will reply via unicast so that the PA which doesn't have dhcp relay agent on it will know how to route it back ?
so my understanding is
device -> dhpc request (broadcast) -> PA (with agent) -> forwards via unicast -> router (arista) -> router (arisa) -> PA -> dhcp server.
but the path back is
dhcp server -> broadcast ... this doesn't go any where as the PA doesn't know about it, I think
02-19-2018 03:57 PM
The way back is only a unicast which the PA (with DHCP relay agent) then forwards to the right device based on the mac address
02-19-2018 04:01 PM
okay, I will give it a go
02-20-2018 09:04 AM
Hello,
As @Remo state is will work. I have a similar setup and all you need is the DHCP relay setup on the PAN that is performing the relay. The reply addresss becomes the PAN's IP and hte PAN knows where to send it based on MAC address.
Also make sure to allow the DHCP applications/ports on both PANs.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
