Configure IPv4 DHCP in Mixed Routing Mode

DHCP (Dynamic Host Configuration Protocol) is a method to assign IP addresses automatically to network clients. You can configure your XTM device as a DHCP server for the networks that it protects. If you have a DHCP server, we recommend that you continue to use that server for DHCP.

These DHCP settings apply to trusted and optional interfaces, and to VLAN, Bridge, and Link Aggregation interfaces in the trusted and optional security zones.

If your XTM device is configured in drop-in mode, see Configure DHCP in Drop-In Mode.

Configure DHCP for IPv4

  1. Select Network > Interfaces.
  2. Select a trusted, optional, or custom interface. Click Edit.
  3. From the drop-down list, select DHCP Server.

Screen shot of the Use DHCP Server settings

  1. To add a group of IP addresses to assign to users on this interface, in the Address Pool section, click Add.
  2. Specify starting and ending IP addresses on the same subnet, then click OK.
    The address pool must belong either to the interface’s primary or secondary IP subnet.
    You can configure a maximum of six address ranges. Address groups are used from first to last. Addresses in each group are assigned by number, from lowest to highest.
  3. To change the default lease time for addresses in the DHCP address pool, select a different option in the Lease Time drop-down list.
    This is the time interval that a DHCP client can use an IP address that it receives from the DHCP server. When the lease time is about to expire, the client sends data to the DHCP server to get a new lease. 

To modify or delete an address pool range:

  1. In the Address Pool table select the entry.
  2. Click Edit to edit the selected range.
  3. Click Remove to remove the selected range.

Configure DHCP Reservations

To reserve a specific IP address for a client:

  1. In the Reserved Addresses section, type a name for the reservation, the IP address you want to reserve, and the MAC address of the client’s network card.
    The DHCP reservation name cannot start or end with a dot (.) or dash (-), and cannot contain an underscore (_).

Screen shot of the Reserved Addresses settings

  1. Click Add.

To modify or delete a reservation:

  1. In the Reserved Addresses table, select the reservation.
  2. Click Edit to edit the selected reservation.
  3. Click Remove to remove the selected reservation.

Configure DHCP Options

DHCP options, also known as vendor extensions, enable you to specify DHCP configuration parameters and other control information, as described in RFC 2132. You can add predefined or custom DHCP options. Custom options are supported in Fireware XTM v11.9.3 and higher.

The predefined DHCP options are:

DHCP Option Code Name Type Description
150 TFTP Server IP IP address(es)

The IP address of the TFTP server where the DHCP client can download the boot configuration.

66 TFTP Server Name Text The name of the TFTP server where the DHCP client can download the boot configuration.
67 TFTP Boot Filename Text The name of the boot file.
2 Time Offset 4 byte integer

Time offset in seconds from Coordinated Universal Time (UTC).

43 Vendor specific information Text This option is used by clients and servers to exchange vendor- specific information.
120 SIP Servers IP address(es)

IPv4 addresses of one or more Session Initiation Protocol (SIP) outbound proxy servers. This option is described in RFC 3361.

138 CAPWAP Access Controller IP address(es)

IPv4 addresses of one or more CAPWAP Access controllers. This option is described in RFC 5417.

156 DHCP State 1 byte integer (Unsigned) State of the IP address. This option is used by ShoreTel phones for an FTP boot option.

Some version of Fireware XTM OS do not support all the predefined options. The Fireware XTM Web UI shows you only the supported options.

Configure DHCP Options in Fireware XTM v11.9.3 and Higher

In Fireware XTM v11.9.3 and higher, you can add predefined or custom DHCP options.

To add a predefined DHCP option:

  1. In the DHCP Options list, click Add.
    The Add DHCP Option dialog box appears. Predefined Option is selected by default

Screen shot of the Add DHCP Option dialog box for a Predefined Option

  1. From the Code drop-down list, select the DHCP option code.
    The Name and Value associated with the code are selected automatically and you cannot edit these.
  2. In the Value text box, type the value to assign to this option. It must match the Type for this option.
  3. Click OK.

If the option required by your vendor is not in the list of predefined options, you can add it as a custom option.

DHCP options 1, 3, and 28 are not supported.

To add a custom DHCP option:

  1. In the DHCP Options list, click Add.
    The Add DHCP Option dialog box appears.

Screen shot of the Add DHCP Option dialog box for a Custom Option

  1. Select Custom Option.
  2. In the Code text box, type the DHCP option code.
  3. In the Name text box, type a name to describe this DHCP option.
  4. From the Type drop-down list, select the type of value required by this option.
  5. In the Value text box, type the value to assign to this option. It must match the Type you selected.
  6. Click OK.

If you use the same DHCP option code for more than one interface, the Type must be the same on each interface.

Configure DHCP Options in older versions of Fireware

Fireware XTM versions lower than v11.9.3 support a limited set of predefined DHCP options, and do not support custom options.

To configure DHCP options in an older version of Fireware XTM OS:

  1. In the TFTP Server IP text box, type the IP address of the TFTP server.
  2. In the TFTP Server Name text box, type the name of the TFTP server.
  3. In the TFTP Boot Filename text box, type the name of the boot file on the TFTP server.

Configure Per-Interface WINS/DNS

By default, when it is configured as a DHCP server your XTM device gives out the DNS and WINS server information configured on the Network Configuration > WINS/DNS tab. To specify different information for your device to assign when it gives out IP addresses, you can add a DNS server for the interface.

See Also

Configure DHCP Relay

Add WINS and DNS Server Addresses

Configure an IPv6 DHCP Server

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base