Netgate Discussion Forum

    IpSec VPN and DHCP Relay

      taay

      Hi!

      I'm having a problem with the DHCP Relay service.
      First of all, I have two sites and an IPsec VPN tunnel between them:

      Site1: 192.168.11.0/24 (Here are all the servers and some clients)
      Site2: 192.168.12.0/24 (Here are some clients who have to get to the servers)

      All traffic inside the network (both subnets) is allowed and all traffic from outside is blocked. Very simple default rules in the WAN, LAN, and IPsec firewall sections. Both sites go to the internet from their own GW, so no internet traffic is going through the IPsec tunnel.

      At the moment everything is working (except relay). I mean I can ping everything from both sides. I can do RDP everywhere and all computers in both networks are in the domain, so all the traffic between the DC and clients is working (both subnets).

      The problem is when I'm enabling the DHCP Relay service on 192.168.12.1 (pfSense Site2). The DHCP (MS Windows 2008R2) server is located at 192.168.11.5, so all the DHCP requests should be transferred there, but they aren't. Is there anything else I should do!? Some kind of routing or something else, or should it just work when I enable the service!? When I put a static IP on some computer in the 192.168.12.0/24 subnet, everything works just fine!

      In the firewall log I can see only this that concerns me (and some other logical traffic):

      Act    Time             If   Source      Destination         Proto
      Block  Dec 19 22:56:23  WAN  0.0.0.0:68  255.255.255.255:67  UDP

      If I allow this traffic, nothing changes! DHCP logs are clean! I have all the subnets and other things configured and all the 192.168.11.0/24 clients are using this DHCP server.

      Can you please help me out with this problem!?

      Have a nice Christmas time and thank you!
