How to set up a single Windows DHCP server with multiple VLANs

I am trying to set up my home lab Windows 2012 server as a single Windows DHCP server with multiple VLANs.

My hardware setup is 1x Cisco 2960G switch with 1x Cisco ASA5505 Firewall.
The Cisco ASA5505 has the Security Plus License installed, so no VLAN restrictions.

I have an HP Micro Server with one network interface connected up to the Cisco Switch 2960G.

Can anyone help guide me on how I would go about setting up this environment?
Robert_Rayworth Asked:
mmahaek Commented:
On the Windows server, set up a DHCP scope for each VLAN.

On your Cisco switches, when setting up your VLAN definitions, add the following line to each VLAN, substituting the IP of your DHCP server. This will redirect the DHCP requests across the VLANs.
ip helper-address 192.168.1.10

http://www.cisco.com/en/US/docs/ios/12_4t/ip_addr/configuration/guide/htdhcpre.html
0
Robert_Rayworth (Author) Commented:
I have set up several scopes on my Windows DHCP server; this part is working fine.

You mentioned adding the following line; please can you be more specific?

My current DHCP server is 172.16.1.1; the gateway is 172.16.1.254.
The first scope is 172.16.1.0
The second scope is 192.168.1.0

I have been running with one scope fine, but by adding the second scope won't this cause a conflict with the first? What's stopping the wrong IP address being handed out?
There was nothing in the scope creation that told them they were specific to a VLAN. Any ideas?
0
mmahaek Commented:
Your VLAN config on your switch should define the IP addresses allowed on that VLAN. This will prevent the DHCP server from handing out addresses to the wrong VLAN.

Can you share your VLAN interface config?
0
Akinsd (Network Administrator) Commented:
Your next step now is to configure ip helper on the gateway interface for each VLAN.

Allowed VLAN configuration on a switch only stops broadcast or multicast messages from traversing the specified VLAN on the switch. Only messages coming to the allowed VLAN are allowed. VLANs not allowed can still communicate with the VLANs allowed.
This is like having 5 rooms, 4 for you, your wife and 2 kids and 1 for guests. You then give an instruction to the post office saying "it is true I have a room for guests, but the only mail allowed in this house is mail coming to me, my wife or my kids. No guest mail or junk mail or any mail not addressed to allowed recipients can come through."

You will configure ip helper on the gateway of the devices for each VLAN. This is what ensures that DHCP applies the correct scope appropriately.

You mentioned that remote locations connect to the main site via VPN. Devices must belong to a network that is configured in the VPN policy for the VPN tunnel to form. If you have Ethernet handoff connecting the sites, then the DHCP concept you are proposing may work.

Without a tunnel, there is no connection, and without a network there is no tunnel. You need the tunnel to get to the DHCP server and you need an existing network to form a tunnel.

I hope this helps.
0
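The scope selection discussed in this thread, as an added example that is not part of any participant's post: a relay configured with ip helper-address writes its own gateway-interface address into the giaddr field of the forwarded DHCP packet, and the server offers a lease from the scope whose subnet contains that address. Assumptions: /24 masks for the two scopes named in the thread, and 192.168.1.254 as a hypothetical gateway address for the second VLAN.

```python
import ipaddress
import struct

# Scopes from the thread; the /24 masks are an assumption (the posts give no masks).
SCOPES = [ipaddress.ip_network("172.16.1.0/24"),
          ipaddress.ip_network("192.168.1.0/24")]
SERVER_IP = ipaddress.ip_address("172.16.1.1")  # DHCP server address from the thread

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"  # fixed BOOTP header (RFC 2131), 236 bytes


def build_discover(mac: bytes, giaddr: str = "0.0.0.0", hops: int = 0) -> bytes:
    """Construct a minimal DHCPDISCOVER; a relay fills in giaddr and bumps hops."""
    zero = bytes(4)
    header = struct.pack(BOOTP_FMT, 1, 1, 6, hops, 0x1234ABCD, 0, 0x8000,
                         zero, zero, zero,
                         ipaddress.ip_address(giaddr).packed,
                         mac.ljust(16, b"\x00"), bytes(64), bytes(128))
    # Magic cookie, option 53 (message type) = 1 (DISCOVER), end option.
    return header + b"\x63\x82\x53\x63" + b"\x35\x01\x01" + b"\xff"


def relay_address(packet: bytes) -> ipaddress.IPv4Address:
    """Read giaddr, the 4 bytes at offset 24 of the BOOTP header."""
    if len(packet) < 236:
        raise ValueError("truncated BOOTP header")
    return ipaddress.ip_address(packet[24:28])


def select_scope(packet: bytes, received_on=SERVER_IP):
    """Choose a scope by giaddr if the packet was relayed, otherwise by the
    subnet of the server interface the client broadcast arrived on."""
    giaddr = relay_address(packet)
    key = received_on if giaddr.is_unspecified else giaddr
    for scope in SCOPES:
        if key in scope:
            return scope
    return None  # no scope covers the relay's subnet, so no lease is offered


if __name__ == "__main__":
    mac = bytes.fromhex("02005e100001")  # constructed, locally administered MAC
    print(select_scope(build_discover(mac)))                      # local broadcast
    print(select_scope(build_discover(mac, "192.168.1.254", 1)))  # relayed, assumed gateway
    print(select_scope(build_discover(mac, "10.9.9.1", 1)))       # relay with no scope
```

Nothing in the scope definition names a VLAN; the match is purely between giaddr (or the receiving interface) and the scope's subnet, which is why two scopes on one server do not conflict.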
