• Status: Solved

Cisco 851 router won't get/give DHCP address with firewall on

With the help of someone here I've mostly gotten our Cisco 851 router going, but I still have one issue. If I enable my access-lists, our Cisco 851 router will not obtain a DHCP address from our service provider, nor will it successfully give out any DHCP addresses to local clients. All I need to do to make both of these work is to remove the "ip access-list 105 in" and "ip access-list 102 in" lines from FastEthernet4 and Vlan1 respectively. But then of course I don't have a firewall.

For reference, we have a simple setup with simple requirements -- internet is provided via a cable modem and we just want to have basic firewall features (i.e. any connections initiated from the inside get out, no connections initiated from the outside get in). Only exceptions are whatever may be required for typical internet usage.

I've attached my current config, but the relevant access-lists are below:

access-list 102 permit tcp any
access-list 102 permit udp any
access-list 102 permit icmp any
access-list 102 deny   ip any any log
access-list 105 permit icmp any any
access-list 105 deny   ip any any log

Surely I must be missing something since enabling the access lists prevents the router from getting or giving out DHCP addresses, but what could it be? Note that when this problem occurs, "show log" does not reveal the answer, to me anyway. :)

Thanks so much for any and all assistance!  
1 Solution
Add this:

access-list 102 permit udp any any eq bootps

access-list 105 permit udp any eq bootps any
izgoblin (Author) commented:
Thanks - that did it and I learned something else in the process.  :)  
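
Added example, not part of the original thread: a small Python model of how ACL 105 is evaluated top-down, showing why the provider's DHCP reply (UDP source port 67, bootps) is dropped by the posted list and why the new permit only takes effect when it sits ahead of `deny ip any any log`. The sample packets and the `Rule`, `Packet`, `matches` and `evaluate` names are constructed for illustration.

```python
# Added illustration: first-match evaluation of ACL 105 from the thread.
# Addresses are "any" on every ACL 105 line, so only protocol and ports are modelled.
from collections import namedtuple

BOOTPS, BOOTPC = 67, 68  # UDP ports: DHCP server, DHCP client

Rule = namedtuple("Rule", "action proto sport dport text")
Packet = namedtuple("Packet", "proto sport dport")

ICMP_OK = Rule("permit", "icmp", None, None, "permit icmp any any")
DENY_ALL = Rule("deny", "ip", None, None, "deny ip any any log")
DHCP_IN = Rule("permit", "udp", BOOTPS, None, "permit udp any eq bootps any")

ORIGINAL = [ICMP_OK, DENY_ALL]            # ACL 105 as posted
APPENDED = [ICMP_OK, DENY_ALL, DHCP_IN]   # new line placed after the deny
REORDERED = [DHCP_IN, ICMP_OK, DENY_ALL]  # new line placed ahead of the deny

# Constructed sample packets arriving on the outside interface
OFFER = Packet("udp", BOOTPS, BOOTPC)  # reply from the provider's DHCP server
OTHER_UDP = Packet("udp", 40000, 161)  # unrelated unsolicited UDP
PING = Packet("icmp", None, None)

def matches(rule, pkt):
    """True when the packet satisfies the rule's protocol and port conditions."""
    if rule.proto not in ("ip", pkt.proto):  # "ip" matches every protocol
        return False
    if rule.sport is not None and rule.sport != pkt.sport:
        return False
    return rule.dport is None or rule.dport == pkt.dport

def evaluate(acl, pkt):
    """Return (action, matching line). First match wins; no match is denied."""
    for rule in acl:
        if matches(rule, pkt):
            return rule.action, rule.text
    return "deny", "implicit deny"

if __name__ == "__main__":
    for name, acl in [("original", ORIGINAL), ("appended", APPENDED),
                      ("reordered", REORDERED)]:
        for label, pkt in [("DHCP offer", OFFER), ("other UDP", OTHER_UDP),
                           ("ping", PING)]:
            action, line = evaluate(acl, pkt)
            print(f"{name:9} {label:10} -> {action:6} ({line})")
```

On IOS, an `access-list 105 ...` line entered against an existing numbered list is added at the end, so the list has to be rebuilt for the DHCP permit to sit ahead of the deny.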
