Contents

Related Topics

Configure DHCP in Drop-In Mode

When you use drop-in mode for network configuration, you can optionally configure the Firebox as a DHCP server for the networks it protects, or make the device act as a DHCP relay agent. If you already have a DHCP server, we recommend that you continue to use that server for DHCP.

The features available in WatchGuard System Manager (WSM) can be different for different versions of Fireware. If your Firebox does not run Fireware OS v11.10.x or higher, the content in this Help topic might not apply to your Firebox.

For instructions to complete the procedures in this topic for a Firebox that runs an older version of Fireware, see:

Configure IPv4 DHCP in Drop-In Mode in WatchGuard System Manager v11.9.4 Help

Use DHCP

By default, your Firebox device gives out the configured DNS/WINS server information when it is configured as a DHCP server. You can configure DNS/WINS information on this page to override the global configuration. For more information, see the instructions in Add WINS and DNS Server Addresses.

Configure DHCP Options

DHCP options, also known as vendor extensions, enable you to specify DHCP configuration parameters and other control information, as described in RFC 2132. You can add predefined or custom DHCP options. Custom options are supported in Fireware v11.9.3 and higher.

The predefined DHCP options are:

DHCP Option Code Name Type Description
150 TFTP Server IP IP address(es)

The IP address of the TFTP server where the DHCP client can download the boot configuration.

66 TFTP Server Name Text The name of the TFTP server where the DHCP client can download the boot configuration.
67 TFTP Boot Filename Text The name of the boot file.
2 Time Offset 4 byte integer

Time offset in seconds from Coordinated Universal Time (UTC).

43 Vendor specific information Text This option is used by clients and servers to exchange vendor- specific information.
120 SIP Servers IP address(es)

IPv4 addresses of one or more Session Initiation Protocol (SIP) outbound proxy servers. This option is described in RFC 3361.

138 CAPWAP Access Controller IP address(es)

IPv4 addresses of one or more CAPWAP Access controllers. This option is described in RFC 5417.

156 DHCP State 1 byte integer (Unsigned) State of the IP address. This option is used by ShoreTel phones for an FTP boot option.

Some versions of Fireware OS do not support all the predefined options. If the option code you select requires a specific minimum version of Fireware, a notation appears to the right of the selected code in Policy Manager.

Add DHCP Options

In Fireware XTM v11.9.3 and higher, you can add predefined or custom DHCP options.

If the option required by your vendor is not in the list of predefined options, you can add it as a custom option.

If you use the same DHCP option code for more than one interface, the Type must be the same on each interface.

Use DHCP Relay

One way to assign IP addresses to computers on the trusted or optional networks is to use a DHCP server on a separate network. With this feature, the Firebox sends DHCP requests to the IP address of up to three DHCP servers you specify.

Make sure to Add a Static Route to each DHCP server, if necessary.

Specify DHCP Settings for a Single Interface 

You can specify different DHCP settings for each trusted or optional interface in your configuration.

See Also

Drop-In Mode

Give Us Feedback     Get Support     All Product Documentation     Technical Search