Client Gateway Address in DHCP - Router or Firewall?

Client Gateway Address in DHCP - Router or Firewall?
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?

General Cisco Forum - Cisco Systems - Hardware Software and Security News and Discussions 

Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Client Gateway Address in DHCP - Router or Firewall? Scott Townsend 03-01-2006
If you were  Registered and logged in, you could reply and use other advanced thread options
Posted by Scott Townsend on March 1, 2006, 11:00 am
We had our Client PCs Gateway address defined as the core router that
connected all of the remote offices together.

Now we are using the internet and VPN to connect remote offices, the Core
Router is still there and only connects 1 other office.

Should I change the Default Gateway to be the PIX, or should I leave it set
to the router? Seems like it would eliminate 1 hop, as most of the traffic
is the internet and or the other offices.

Thanks,
Scott<-



Posted by Merv on March 1, 2006, 1:39 pm

I would think that it should be the device that is on the same subnet
as the PC's.

I do not know if the PIX supports proxy-arp, but if you are using that
then I would highly recommend you eliminate it.


Posted by Scott Townsend on March 2, 2006, 1:46 am

The PIX's internal Interfaces on the same subnet as the core router. So they
are both on the same subnet. The Core router's Default gateway is the PIX,
since its the connection to the internet.

I was using the router as the Default gateway before as it was the guy who
knew where are the other subnets were dynamically and was connected to them.

Now that we only have a few subnet and most are connected via VPN. I was
thinking about just routing all the clients to the PIX.

Thanks,
Scott<-

> I would think that it should be the device that is on the same subnet
> as the PC's.
> I do not know if the PIX supports proxy-arp, but if you are using that
> then I would highly recommend you eliminate it.
>



Posted by Merv on March 2, 2006, 3:05 am

If you use the PIX then the traffic from the client must be outbound
only as the PIX will not hairpin turn a packet. You may end of having a
loss of connectivity if you use the PIX as a default gateway

You are probably better off leaving it the way it is


Posted by Scott Townsend on March 2, 2006, 1:23 pm
Great, thank you!

Scott<0
> If you use the PIX then the traffic from the client must be outbound
> only as the PIX will not hairpin turn a packet. You may end of having a
> loss of connectivity if you use the PIX as a default gateway
> You are probably better off leaving it the way it is
>



Similar ThreadsPosted
VPN Client is assigning the same IP Address to both the interface and the default gateway. January 2, 2008, 10:03 am
VPN Client is assigning the same IP Address to both the interface and the default gateway. January 2, 2008, 10:02 am
ASA5510 - VPN Client loses Gateway address after couple of minutes October 3, 2007, 6:03 am
DHCP: hardware-address or client-identifier January 27, 2005, 8:31 pm
router dhcp, two ethernet and firewall January 11, 2008, 10:56 pm
Implementing DHCP client with INIT-REBOOT state as per RFC, 'requested ip address' in dot notation? December 4, 2007, 5:21 pm
Wireless clients can't get DHCP address from router behind Aironet 1100 January 20, 2007, 2:10 pm
How to force DHCP client router to renew its lease? February 4, 2006, 10:49 am
recommendations for a firewall for use as an Internet Gateway November 6, 2006, 2:10 pm
Connecting to a PIX firewall using cisco VPM client though a Linksys WAG54G with eth firewall enabled December 11, 2004, 5:16 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map