Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17



The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks and an extension of the Bootstrap Protocol. DHCP allows for computers to be configured automatically to communicate with each other over an IP network without the need for manual setup by a network administrator. The implementation of DHCP relies on a DHCP server to hand out network configuration information to DHCP-capable clients that request an IP address (and other information required or useful in communicating with other devices on an IP network). In addition to an IP address, common configuration information served over DHCP includes a default gateway, subnet mask and DNS sever(s).

Share tech news, updates, or what's on your mind.

Sign up to Post

After I've configured the device I can't get out to internet via any of the pcs.  I can access the 5505 from and outside computer and can configure it via the ASDM so I'm not sure what the problem is.  Can someone verify my config below?

ASA Version 8.3(1)
hostname ciscoasa
enable password OlOxQ1nyrZ49h6MK encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 ip address dhcp setroute
interface Ethernet0/0
 switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
object network obj_any
object network NETWORK_OBJ_192.168.2.0_24
object network SCETI
access-list outside_1_cryptomap extended permit ip object SCETI
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any host eq 3389
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (inside,outside) source …
Get your Conversational Ransomware Defense e‑book
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

We have DHCP configured across two servers in a 50/50 failover capacity.  I have one scope that doesn't seem to be replicating.  All other scopes are replicating normally.

This one scope, we added a ton of reservations and i expected to see them replicated over to the other server but they are not.

When I right click the scope and click replicate, I get a series of success messages and NO errors, but the replication of the reservations still doesn't happen.

Do reservations replicate?  

I have restarted the service on both and also replicated the relationship, which also was successful.

I'm confused about why this specific scope won't replicate.  I've debated blowing it away and recreating it.



Hi, I'm not sure if i'm reading the lease times correctly.  Therefore, I don't know if I am maxing out leased IPs.  Here's what I'm viewing.Sonicwall DHCP Stats

Would anyone know where in DHCP (I'm assuming the issue is here) to indicate where clients should connect for a PXE boot? Initially, I was using  a server (Let's call it WDSSVR1) as a WDS/MDT server to deploy images across the network. I had planned on migrating the role to a different server with SCCM installed (SCCMSVR1), but after playing around with it, I decided to go back to WDCSVR1. However, it looks like DHCP automatically picked up on SCCMSVR1 as the WDS server and has not changed back to the old one. Clients are still picking up on the SCCM server.

I've tried reinstalling WDS and MDT on the previous server in hopes that the settings would automatically update again, but it hasn't helped.

Thanks for any help you can provide.
I have exhausted my DHCP pool. Subnet It seems the easiest thing to do is change my mask to open the subnet up but I'm not sure how to approach this. I cant use anything higher than 192.168.100.x because 101, 102, etc are used buy my other retail locations. ideally I could use 192.168.99.x - Any suggestions are welcome.

Thanks in advance!

DHCP IP address? Routers?I understand the pc with the routers are not so good,which then are the good ones?how do i know wich PC , laptop etc have router and wich don't have router.i don't have phisical pc i have rdps, thank you
Needs to work on Server 2012 and 2016

I am working on a PowerShell script that will
1) Configure vendor classes in DHCP - Working
2) Create policies based on these classes - Working
3) Set specific options (66 and 67) for each policy - Not working

The complete script is
Add-WindowsFeature -Name DHCP –IncludeManagementTools
Import-Module DhcpServer

$Server	= Read-Host -Prompt 'Enter the DHCP server name'
$Scope	= Read-Host -Prompt 'Enter the project network address ('
$WDSvr	= Read-Host -Prompt 'Enter the IP of the server hosting Deployment Shares'

$VendorClassUEFIx64 = @{
	Name = "PXEClient UEFI (x64)"
	Description = "PXEClient UEFI (x64)"
	Type = "Vendor"
	Data = "PXEClient:Arch:00007"
$VendorClassUEFIx86 = @{
	Name = "PXEClient UEFI (x86)"
	Description = "PXEClient UEFI (x86)"
	Type = "Vendor"
	Data = "PXEClient:Arch:00006"
$VendorClassBIOS = @{
	Name = "PXEClient BIOS (x86 & x64)"
	Description = "PXEClient BIOS (x86 & x64)"
	Type = "Vendor"
	Data = "PXEClient:Arch:00000"
Add-DhcpServerv4Class @VendorClassUEFIx64 -ComputerName $Server
Add-DhcpServerv4Class @VendorClassUEFIx86 -ComputerName $Server
Add-DhcpServerv4Class @VendorClassBIOS -ComputerName $Server

Add-DhcpServerv4Policy -Name "PXEClient UEFI (x64)" -ScopeId $Scope -Condition OR -VendorClass EQ,"PXEClient UEFI (x64)*"
Add-DhcpServerv4Policy -Name "PXEClient UEFI (x86)" -ScopeId $Scope -Condition OR -VendorClass EQ,"PXEClient UEFI (x86)*"
Add-DhcpServerv4Policy -Name 

Open in new window


Can anyone here please share what's the steps and the risk when enabling this nice feature in both DNS and DHCP servers ?

Because in my AD joined workstations, there are so many confusion in regards to pinging DNS name (FQDN) returning old or different AD computer name.

what my concern in enabling DNS scavenging in all AD Integrated DNS Server and DHCP servers, does it impact the current server DNS entries that are still online or pingable?

I'm trying to avoid any outage or issue when enabling those two features in all of my DNS servers one by one for the entire AD domain.
We have two 2012 R2 server running DHCP in failover mode.  We have lost one DHCP server and it's partner is not issuing IP address.

The partner server is never coming back.

My remaining DHCP server is not issuing IPs.

Can I break the replication and get the remaining DHCP server to issue IP addresses?  If yes, how?


My Win7 workstation is one of eight connected to my SBS2008 domain controller.  DHCP is on.
The DC uses OpenDNS servers.
When I log off and back on, my browsers (Firefox, IE11) won't connect to any web pages.  I can ping, so I know DNS is resolving.

I tried disabling and re-enabling my network adapter - no joy.
The only thing that resolves the problem is a reboot.
Prepare for your VMware VCP6-DCV exam.
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Hello.  We have seen this frequently, more recently.  We have a VM guest that is statically assigned an IP for the network.  it is on a ESXi 5.5 VM host.  It is now showing a yellow exclamation mark on the NIC icon in the clock corner and says "no network access".  So the only way to get it to go back to normal now is to "Troubleshoot" it and Windows wants to make it DHCP, which then fixes it.  And I cannot put it back to the static address, due to a duplicate IP address error.  Problem is NOTHING else on the network is using that address.  so the VM server is "stepping on its own toes" somehow by thinking the static address is in use when it isn't.  How do we correct this.

Thanks for your help
I had this question after viewing Connect a wireless router to a sonicwall firewall.

Presently using Sonicwall TZ-215 with 3 TP-Link EAP 330 - (coverage decent but not perfect.)  in small business environment:
1. Would using the Linksys Velop in bridged mode give me better coverage (turning off wireless on Sonicwall TZ-215; turning off DHCP on Linksys Velop) ?
2. Since the Sonicwall TZ-215 would be the main router, will the network be secure?
Greeting Experts,

I need some help creating a script that can scan a list of DHCP servers for Mac address and come back with its IP address/DHCP Server is on.  Our ACtive Directory is large and going throw each DHCP server looking at the Mac address would take too much time. can somebody help me with this task. thank
In a slow process of changing over servers from 2003 SBS (O.S past EOL) to a 2008 R2 box. I was able to get the 2008 server to be accepted as a backup DC, but as far as I know, SBS must be the DHCP server -  is it possible to automate that on SBS going down?
Good Day,

Got a question which I am not sure about.

I got a Server 2012 Hyper V Host running 3 Virtual servers
6 NICS and 2 NIC Teams

Virtual Servers:


ServerA has one virtual NIC and it is statically assigned IP address. IPv6 on this nic is disabled.

However on the DNS there are 3 entries showing for this server.

1. ServerA - Host(A)  static  ( This is the static one on the only nic on this server )
2. ServerA - Host(A) static ( Not sure where this is coming from. I tried deleting it and it comes back after some time. ?? )
3. Server A  IPv6 Host (AAAA)  - long mac address - 8/12/2017 11 PM

Shouldn't there be only 1 entry ?  

The same issue is with couple of other severs. Either my concepts are not clear or it is something weird.

Hello - I have a Security Device Scope set on my DHCP server. /20

What I want to do is assign another scope within my Security Device Scope for 10 Camera, 10 Card Readers and 2 Media Servers. How would I break that scope up into other scopes for the following devices, however using the Security Device Scope?


My client has a few rooms which have network ports connected back to the router.
I can plug my laptop in the network ports in the rooms and access the internet without a problem.
But when I configure a wireless access point on that same network port and try to access the new SSID, I get no internet.
The AP doesn't pick up internet or an IP address from the router.
I've tried 5 different access points.

I've done this in the past few years about 20 times and it always works. Configuring an AP is very simple.
So I'm confused why these AP's do not pickup IP's from the router but a laptop connected to the same cable can pickup an IP.
I have a task assigned to event id 1020 (windows 2008 r2) to send an email when a dhcp scope hits 80% usage.  It had been working fine before when usage was high, but now it is showing that a particular scope is over 80% used when it isn't.  When I look at the scope statistics, it shows there are 41 (82%) addresses in use with only 9 available.  However, when I refresh the lease list, there are only 17 addresses being used, not 41.  How is this possible?
Hey guys. I need some help for... a friend. (It's a Monday. Please don't ask)

2 Domain controllers running Server 2012 Datacenter
Veeam BR 9 on Server 2012 Datacenter

Leadup to issue
DHCP scope was acting funny... a few tinkerings later and the entire service was hosed. A restore of that DC on Veeam and now the entire sync between both DCs was not working, even after attempts to get them synced (dcdiag, repadmin, etc.).

A restore of both DCs to the same backup time should work, right? NO. Veeam restores DCs into non-authoritative mode...

Current situation:
DC1 is restored from Friday night's backup but shut down for now. Attempts to log in with DSRM password failed. (Just great, right?)

DC2 is running and serving DNS, AD, etc. but it fails dcdiag tests:
-time server advertising
-Replication attempts (obv.)
- etc (too many to list)

Before my uhhh... friend breaks anything else, just throw me in the right direction. He's a little out of sorts and just needs to be reminded what to do at this point.
I would tell him to do a non-authoritative restore of DC1 and let DC2 be "the boss", but both servers were restored from Veeam in non-authoritative mode and the DSRM password isn't working. Attempts on DC2 to change the password failed. Yaaay!
Veeam Disaster Recovery in Microsoft Azure
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

I would like to separate hard wired connections from wifi APs.  The purpose is to separate traffic and assign separate class c subnet to each group.  

Equipment used
Watchguard firebox
Qty 2 Uniquiti 24-port Poe+ 500 watts
Qty 10 Uniquiti HD access points.

Separate subnets for each group:

Hardwire users on port 1 of Firebox with dchp turned in - hardwired - connects to first Uniquiti switch.  

Wifi access points on port 2 of Firebox with dhcp turned on -  WiFi access points - connects to Second switch.

The second Uniquiti switch that connects the hardware connections  - port 1 disconnects or the ubiquity access points will start missing heart best and disconnect

 Firewall policy set to  any traffic can pass between the the Firebox interface ports 1 and 2.  Ping traffic passes from and to sinners with issue.

If all the devices / hard wire and access points and the two switches - are put into 1 single subnet - no issues.  

Comments would be appreciated.
In Windows there is a checkbox "Register this connection's addresses in DNS".  See attached screenshot.
What is the equivalent in
- Ubuntu Workstation
- Raspian (Raspberry Pi Debian variant)

Thank you
Hello -

I presently have a CIsco ASA 5505 (running ASA version 8.2(1) ) sitting behind my Comcast Business gateway. I have a static public IP through Comcast. The Comcast gateway is in pass-through mode (i.e. its LAN DHCP, WiFi, and MoCa are turned off).

I have configured my Cisco with the necessary VLANs and interfaces such that I have an inside network of and a DMZ of

I am fairly certain that I have the correct NAT and ACL settings done.

From the ASA, I can successfully ping my Comcast static IP and the Comcast gateway address - but nothing else. And, of course, any client devices connected to either the ASA's inside interfaces or DMZ cannot access the Internet.

FWIW, I have also checked with Comcast to make sure there are no compatibility issues with their device and Cisco ASAs (because I'm only getting an orange LED on the Comcast gateway's Ethernet port - no green link light). The ASA is set to auto duplex and speed.

If I configure a laptop with the static IP and plug it directly into the Comcast gateway, it works fine.

I have attached a text file with my ASA configuration.

Can anyone suggest a possible fix?

Thanks much.
Dear All,

We have internet and intranet are separate on physical layer due to company security policy. We are using DHCP for ip release on both intranet and internet. At times user use the intranet computer on the internet by unplug the intranet cable and plug the internet which we do not want. To avoid this we have configured the static ip on the intranet computers and minimize the privileges to change the IP. Through this the user can not use the internet on the intranet computer due to non release of ip address.

My question is is there any way through firewall or Windows Active directory through which our intranet user cannot connect to internet on the intranet computer using dhcp. In other word , can we limit the user not to connect to internet.
I am setting up my hardware firewall to issue DHCP IPs and associated DNS servers ( instead of having my Windows 2012 R2 server do DHCP

 1. What method do you recommend I use when decativating DHCP on my Windows 2012 R2 server ?
         a. stop the DHCP service OR
         b. uninstall the DHCP role OR
         c. click "Deactivate" via the DHCP console like talks about

 2. Do I need to do a release/renew on all non-static devices (i.e. a few switches, a few PCs, etc) after doing this so my firewall does not issue IPs that were already issued via the Windows 2012 R2 and have leases that are not expired yet ?

 3. Anything else I need to know ?
Need another pair of eyes to check my DC specs.  Mostly for AD purposes box.  DC, DHCP, DNS.  Maybe Print server as additional.  I will dial another DC on VM.  

Win2016 DC
FT-E5-2603V4, Intel Xeon E5-2603V4 1.7GHz 1U
* (1) Intel Xeon Processor E5-2603V4 Haswell (6 Cores)
* (1) Supermicro Motherboard X10SRW-F
* On Board Dual 1GB NIC Ports
* On Board VGA
* On Board IPMI 2.0
* 16GB DDR4 2400 RAM ECC/REG Installed, Lifetime
* (1) Riser Card w/ 2x PCIe x16 GEN 3.0 FHFL
* (1) Riser Card w/ 1x PCIe x8 GEN 3.0 LPHL
* (1) LSI 9271-4i RAID Controller
* (2) 1TB Enterprise SATA 7200RPM 3.5" HDD
* (4) Hard drive Bays for 3.5" or 2.5" as an option
* (2) PCI-e 16X GEN 3 Slots available
* (2) 500W Hotswap redundant PSU
* (1) Microsoft Windows Server 2016 Standard Operating System
64-bit English (16 Core), OEM
* 3 Years Full Warranty w/ advance ship replacement


The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks and an extension of the Bootstrap Protocol. DHCP allows for computers to be configured automatically to communicate with each other over an IP network without the need for manual setup by a network administrator. The implementation of DHCP relies on a DHCP server to hand out network configuration information to DHCP-capable clients that request an IP address (and other information required or useful in communicating with other devices on an IP network). In addition to an IP address, common configuration information served over DHCP includes a default gateway, subnet mask and DNS sever(s).