Configure Firebox Network DHCP Settings

Applies To: Cloud-managed Fireboxes

DHCP (Dynamic Host Configuration Protocol) is a method to assign IP addresses automatically to network clients. You can configure your Firebox as a DHCP server for an Internal or Guest network. If you have a DHCP server, we recommend that you continue to use that server for DHCP. To configure the Firebox to relay DHCP requests to a DHCP server on another network, enable DHCP Relay.

In the DHCP settings for an internal or guest network, you can set the DHCP Mode to one of these options:

  • DHCP Disabled — The Firebox does not handle DHCP requests on this network.
  • DHCP Server — The Firebox assigns IP addresses through DHCP to clients on this network.
  • DHCP Relay — The Firebox forwards DHCP requests from clients on this network to a DHCP server.

For a cloud-managed Firebox, the default Internal and Guest networks have DHCP Server enabled. For more information, see Firebox Default Networks.

Configure DHCP Server

Enable DHCP Server if you want the Firebox to assign IP addresses on a network.

To configure the Firebox as a DHCP Server for a network, from WatchGuard Cloud:

  1. Select Configure > Devices.
  2. Select the cloud-managed Firebox.
  3. Click Device Configuration.
  4. Click the Networks tile.
    The Networks configuration page opens.
  5. On the Networks page, click the tile of an Internal or Guest network.
    The network configuration page opens.
  6. Select the DHCP Settings tab.
  7. From the DHCP Mode drop-down list, select DHCP Server.

Screen shot of the DHCP settings for DHCP Server

  1. (Optional) To change the DNS suffix the Firebox gives to DHCP clients on this network, type a Domain Name.
  2. To change the DHCP lease time, in the Lease Time text box, type the number of hours. This is the time interval that a DHCP client can use an IP address that it receives from the Firebox. The default value is eight hours.
    When the lease time is about to expire, the client sends a request to the Firebox to get a new lease.

After you set the DHCP Mode to DHCP Server, you must add at least one IP address range to the Address Pool. You can also optionally add reserved addresses and configure DHCP options.

Configure DHCP Relay

When you enable DHCP Relay on an Internal or Guest network, the Firebox sends DHCP requests to the IP address of up to three DHCP servers.

Make sure the Firebox has a route to the IP addresses you specify for the DHCP servers. If the DHCP server you want to use is not on a network protected by your Firebox, you must set up a VPN tunnel between your device and the network where the DHCP server is for this feature to operate correctly.

If you have configured two DHCP servers for failover, add the IP addresses of both the primary and secondary DHCP servers to the configuration for DHCP Relay. The Firebox sends DHCP requests to the IP addresses of all DHCP servers you specify.

To configure DHCP Relay, from WatchGuard Cloud:

  1. Select Configure > Devices.
  2. Select the cloud-managed Firebox.
  3. Click Device Configuration.
  4. Click the Networks tile.
    The Networks configuration page opens.
  5. On the Networks page, click the tile of the Internal or Guest network.
    The network configuration page opens.
  6. Select the DHCP Settings tab.
  7. From the DHCP Mode drop-down list, select DHCP Relay.

Screen shot of the DHCP Settings for an Internal network, with DHCP Relay selected

  1. Click Add DHCP Server.
    The Add DHCP dialog box opens.

Screen shot of the Add DHCP Server dialog box

  1. In the DHCP Server text box, type the IP address of a DHCP server.
  2. Click Add.
  3. To save configuration changes to the cloud, click Save.

To delete a DHCP server, from WatchGuard Cloud:

  1. In the row for the DHCP server, click .
  2. To save configuration changes to the cloud, click Save.

See Also

About Firebox Networking Settings