Skip to main content

Cisco Static DHCP Configuration

Assigning STATIC IP addresses on a Cisco Router via DHCP

Although it’s not something that is probably all that common, and it’s actually the first time I have had a need to use this on a router, I thought I would share this information with you anyway

NOTE: This particular config was done on a Cisco 877 ADSL / DSL router however its known to work on the Cisco 800 series routers in general including the Cisco 827 Cisco 837 Cisco 877W the Cisco 1720 Cisco 1721 Cisco 1750 series and the CIsco 1600 series


Normal DHCP config for a Cisco Router

ip dhcp excluded-address 192.168.1.1 192.168.1.10

We are excluding anything in the range between 192.168.1.1 to 1.10
In this example our servers are in this range and we don’t want any conflicts, also the router is .1

ip dhcp pool POOL-NAME
network 192.168.1.0 255.255.255.0
dns-server 192.168.1.7 192.168.1.8
default-router 192.168.1.1
lease 0 8

The pool name is exactly that a name it will mean more to you than to the router so make it something you will know.

Network indicated that this is the network we are using 192.168.1.1/24 or a class C
dns-servers well those are the DNS Server Addresses we are going to assign to the DHCP clients.
The default-router is the default gateway
The lease time is the amount of time that the client machine will keep the IP before trying to renew itself 0 days 8 hours.






Now if for some reason you need to assign a static ip to a user via DHCP its pretty simple.
There are probably a number of reasons I can think of that you would do this.
For instance, if you have certain access to things based on your IP address. For instance if IP 192.168.1.11 192.168.1.12 and 192.168.1.13 have access to browse without having to use a proxy server (important people like your boss who pays your salary and he needs to be able to surf copious amounts of porn without anyone knowing

Anyway the why is up to you the how is listed below

The first thing you want to do is find out what the MAC Address is
Now if you are already running a DHCP server on the router its pretty easy

router#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.1.78 0012.7980.77b5 Aug 07 2006 08:36 PM Automatic
192.168.1.86 000e.7f32.37d7 Aug 07 2006 07:36 PM Automatic
192.168.1.23 0014.3863.4c56 Aug 07 2006 06:10 PM Automatic

Now the 3 MAC Addresses need to be reserved so that the next time those MAC addresses logon to the network they are assigned 192.168.1.11 1.12 and 1.13

So this is what you do
router#clear ip dhcp binding 192.168.1.78
router#clear ip dhcp binding 192.168.1.86
router#clear ip dhcp binding 192.168.1.23

If you want to clear the binding for all IP’s in the DHCP Pool you could just run
router#clear ip dhcp binding *

Now that the IPs are not bound

You can simple add something like this

ip dhcp pool STATIC-1
host 192.168.1.11 255.255.255.0
hardware-address 0012.7980.77b5
!
ip dhcp pool STATIC-2
host 192.168.1.12 255.255.255.0
hardware-address 000e.7f32.37d7
!
ip dhcp pool STATIC-3
host 192.168.1.13 255.255.255.0
hardware-address 0014.3863.4c56

These 3 addresses will now only be issued to the holders of the MAC Addresses
Labels:

Comments

Alexey Bass said…
Just what I need too, thanks!
November 27, 2009 at 9:38 PM
Post a Comment

Popular posts from this blog

Setting up and Installing Rancid on FreeBSD for Cisco Products

Setting up and Installing Rancid on FreeBSD for Cisco Products What is Rancid? Rancid is an application that monitors a devices configuration including software and hardware. The configuration is then stored in a Concurrent Version System or CVS. Most of the time it is used to back up router, switch and firewall configurations, as well as notify you when a configuration has changed, i.e a firewall rule or a routers IP address or access list change. here is an example of the output =================================================================== retrieving revision 1.29 diff -u -4 -r1.29 mpls-jhb-pe1 @@ -288,9 +288,9 @@ ! interface Serial0/0 description Link to Client X bandwidth 2048 - ip address 192.168.1.244 255.255.255.254 + ip address 192.168.1.234 255.255.255.254 ip route-cache flow ip tcp header-compression iphc-format ip tcp compression-connections 256 ! ip ospf message-digest-key 1 md5 the - symbol represents what was removed the + symbol represents what was added The abo
2 comments
Read more

Tacacs+ Install and Config Guide

Tacacs+ Install and Config Guide What is TACACS As per wikipedia Terminal access controller access control system (TACACS) is a remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network. Installing Tacacs on FreeBSD This guide is intended to be a basic implementation of TACACS+, so although there are may features I am just going to document what I generally use. Please note that tac_plus is also available from Shrubbery Networks if you would like to install and configure on another platform. You may also want to check out my Rancid How-To Once again its in your ports directory. cd to /usr/ports/net/tac_plus4/ run a "make install clean" Once installed vi /usr/local/etc/rc.d/tac_plus.sh Then Change the following line from NO to YES tac_plus_enable=$ Save the file, then vi /e
Post a Comment
Read more

Setting up a Cisco 800 series Router for ADSL

Setting up a Cisco 800 series Router for ADSL Not that the Average user would use a Cisco ADSL router, or if they do use a Cisco product it would probably be a Linksys router. Anyway here is the config with comments in between. all comments are in italics You might want to check out the Cisco DYNDNS configuration guide too NOTE: This particular config was done on a Cisco 877 ADSL / DSL router however its known to work on the Cisco 800 series DSL routers in general including the Cisco 827 Cisco 837 Cisco 877W This example is a basic setup for just access to the web you can enable PAT or Port Address Translation on the router to allow access from the outside to a server or something like that. Also this setup is for a Dynamic IP from the ISP you might also want to checko out the how to on setting up SSH login on the router no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname # your router name i.e. Bobs Router ! boot-st
Post a Comment
Read more