Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2698
  • Last Modified:

Excluding ip address from dhcp scope on a Cisco Pix

How can I configure the Pix firewall, which is perfoming dhcp, to exclude ip addresses 192.168.1.101 and 192.168.1.68 from the dhcp scope? Currently the two ip addresses in question are included in the range. The dhcp configuration on the Pix is listed below.

dhcpd address 192.168.1.25-192.168.1.199 inside
dhcpd dns 66.255.85.8 66.255.85.9
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
0
ccptechs
Asked:
ccptechs
  • 3
  • 2
1 Solution
 
JFrederick29Commented:
You can't.  Your best bet would be to statically readdress those two hosts outside the DHCP range with 192.168.1.200 and 192.168.1.201.

You might be able to do something like this (haven't tried it):

dhcpd address 192.168.1.25-192.168.1.67 inside
dhcpd address 192.168.1.69-192.168.1.100 inside
dhcpd address 192.168.1.102-192.168.1.199 inside
0
 
lwoodtriCommented:
Here is the command to use to exclude an IP address from the DHCP pool.

router(config)#ip dhcp excluded-address 192.168.1.101
router(config)#ip dhcp excluded-address 192.168.1.68




0
 
JFrederick29Commented:
lwoodtri,

This is a PIX.  That command is for an IOS based device.
0
IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

 
lwoodtriCommented:
My bad I saw Cisco / dhcp . . sorry.
0
 
ccptechsAuthor Commented:
We decided to move the two devices out of the dynamic range.
0
 
JFrederick29Commented:
Good choice.  That's really the best option.  Use .200-.254 for static assignments.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now