Jump to:navigation, search
Wiki

DHCP-Server IPv4

From Securepoint Wiki





























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden





























































Setting up the DHCP server for an IPv4 network

Last adaptation to the version: 14.1.1(11.2025)

New:
  • The dialog design has been revised
Last updated: 
notempty
This article refers to a Beta version
Access: UTM-IP:Port or UTM-URL:Port
Port as configured at Network / Appliance Settings / Webserver
Default-Port: 11115
i.e.: https://utm.ttt-point.de:11115
Default: https://192.168.175.1:11115 Network Network Configuration


Prepare IP address ranges

Network configuration UTMuser@firewall.name.fqdnNetwork Network interfaces

For the firewall to function as a DHCP server in a network, a fixed IP from the network range must be configured on the corresponding interface. In this example, IP addresses are assigned in network 192.168.222.0/24. To achieve this, an IP from this network is added to the interface. LAN3 IP addresses → In the selection box, enter or select the IP address from the desired network with the desired subnet mask, if applicable. Here 192.168.222.1/24



Set up DHCP server

DHCP

General

General
Caption Value Description Network configuration UTMuser@firewall.name.fqdnNetwork DHCP-Pools
Enable detailed logging:
notempty
New
 Off When activated, all DHCP requests are recorded in the syslog

DHCP-Pools

DHCP-Pools
  • Multiple DHCP pools can be added
  • Dabei steht nur der erste Pool je Subnetz für dynamische Leases zur Verfügung.
    Weitere Pools sind ausschließlich für statische Leases nutzbar
    Beispiel:
    Pool_1: 192.168.14.20 - 192.168.14.50

    Pool_2: 192.168.14.100 - 192.168.14.150

    • Sind 31 Leases per DHCP vergeben worden, werden keine weiteren dynamischen Leases mehr zugewiesen.
    • Der 32. Client erhält keine IP-Adresse mehr dynamisch zugewiesen und hat damit keine Netzwerk-Kommunikation.
    • Ist einem Client über die MAC-Adresse ein statisches Lease mit der Adresse 192.168.14.101 zugeordnet, wird diese zugewiesen.
  • After clicking Add Pool, the setup wizard opens and the DHCP parameters can be specified
Ignore other SDHCP-Servers: Off When activated, other DHCP servers
notempty
New: IPv4 and IPv6
are ignored

If more than 1000 IP addresses (across all pools together) are required via DHCP, the number of possible leases must be increased.

This is done in the menu Extras Advanced Settings  Area Extc Variables with the variable MAXLEASES.

The value 0 corresponds to the default value of the service: 1000 leases.

If more leases are required, the actual value must be entered here. Edit
Add pool UTMuser@firewall.name.fqdnNetworkNetwork configuration
Step 1: Name and IP range
Step 1 requires the Name for the pool and the valid IP range for the DHCP.
In the example, the following IP addresses are assigned
Pool start address: 192.168.222.150/--- 
Pool end address: 192.168.222.170/--- 
Add pool UTMuser@firewall.name.fqdnNetworkNetwork configuration
Step 2: Nameserver
In step 2, the DNS server for the DHCP clients can be specified.
Either the IP of a public DNS server or the IP of the firewall itself can be entered here. In this example, the clients use the firewall itself as DNS.
notempty
In order for the UTM to also answer the DNS queries from the internal network, a corresponding rule is required.
Add pool UTMuser@firewall.name.fqdnNetworkNetwork configuration
Step 3: Router + Options
In step 3 of the wizard, the default gateway of the DHCP clients is specified.
Caution: Normally, the IP of the firewall is always entered here.
notempty
An incorrect entry in this field may prevent access to the Internet!
Edit pool

After the pool has been created correctly, the pool start and end address can be changed and other parameters of the DHCP pool can be set up to be passed to the DHCP client.


General

Edit pool UTMuser@firewall.name.fqdnNetworkNetwork configuration Edit pool general area

Changes to the pool range start and pool range end possible



Options - DHCP Optionen
Option Option number Value Description Edit pool UTMuser@firewall.name.fqdnNetworkNetwork configuration Edit pool general area
Router: 3 »192.168.222.1 Router configured as in step 3
Domain name: 15 securepoint.local Name of the domain in which the DHCP leases are assigned
Domain name server: 5 »192.168.222.1 Name server as configured in step 2
Netbios name server: 44     NetBIOS over TCP/IP Name Server Option
SMTP-Server: 69     Simple Mail Transport Protocol (SMTP) Server Option
NTP Server: 41     Servers should be listed in order of preference.
Vendor Encapsulated Options: 43     Values must be given coded.
TFTP Server Name: 66 profile.gigaset.net The IPv4 address, or the hostname of the TFTP server
option tftp-server-name text;
Bootfile Name: 67 The name of the bootfile file
option bootfile-name text;
Default URL: 114 https://teamwork.gigaset.com/gigawiki/display/GPPPO/DHCP+option+114 Default URL
option default-url string;
VLAN ID: 132     The ID of the VLAN used
option vlan-id code 132 = text;
option vlan-id "128";
Next Server:     The IPv4 address of the Next server
  • If the value is missing, TFTP may not work.
    • Default Lease Time: 51 600 Seconds Default validity period of the IP address if the client has not requested an explicit duration.
    Maximal Lease Time: 7200 Seconds Maximum validity period of the IP address in seconds that the client may receive when explicitly requested.
    Reject unknown clients: No If activated Yes, an IP address is only assigned if there is a entry at Static DHCP tab for the MAC address of the client.
    notempty
    Changed standard behaviourab v12.7: The static lease entry for the DHCP must be in the same pool to be considered known.
    The static lease entry for the DHCP must be in the same pool to be considered known.
    Erweiterte Einstellungen
    notempty
    New as of: 14.1.1
    Falls weitere DHCP-Einstellungen vorgenommen werden sollen, kann mittels der Schaltfläche Option hinzufügen in dem sich öffnendem Dialogfenster aus allen 256 möglichen Optionen eine ausgewählt und deren Wert eingegeben werden. Pool Option hinzufügen UTMuser@firewall.name.fqdnNetworkNetwork configurationEdit pool
    Caption Value Description Edit pool UTMuser@firewall.name.fqdnNetworkNetwork configuration Erweiterte Einstellungen mit einer eingestellten DHCP-Option
    ID 5 Die ID der DHCP-Option
    Im Dialogfenster wird beim Hovern beim -Icon deren RFC-Nummer angezeigt
    Name Name Servers Der Name der DHCP-Option
    Value 192.168.222.1 Der Wert der DHCP-Option.

    Je nach ausgewählter DHCP-Option kann ein anderer Werttyp benötigt werden.


    Static DHCP

    Static DHCP

    If hosts are to be assigned predefined IP addresses ( fixed IPs bound to the MAC address, but assigned by the UTM), these IPs can be reserved with static leases:
    Configuration under Network Network Configuration  Area Static DHCP button Add Lease

    Host: MaxMustermann-Laptop Meaningful host name Add lease UTMuser@firewall.name.fqdnNetworkNetwork configuration Dialogue Add lease
    Ethernet: 12:34:56:78:90:AB MAC address of the host
    IP: 192.168.222.111/---  IP address to be reserved exclusively for this host
    Save and close Saves and accepts the lease and closes the creation dialogue.
    notempty
    Important: Leases must necessarily be in an existing DHCP pool!
    		Network configuration UTMuser@firewall.name.fqdnNetwork Static DHCP
    notempty
    Joint use of static and dynamic IP addresses within a pool is possible.


    Static leases outside a pool

    Existing static leases that are not within a DHCP pool must be changed!
    If such leases are detected after an update, a message is displayed prompting to adjust the DHCP settings.
    It ist now possible that either
    • the leases are adapted and relocated in existing pools
      or
    • additional DHCP pools are created that contain static leases
      or
    • existing DHCP pools are extended so that they include static leases
    Warning at login

    In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
    Diese Seite wird auf folgenden Seiten eingebunden















    Configuration of DHCP-Relay

    With the DHCP relay, devices can receive their network configuration dynamically via the network, even if the DHCP server is located in another subnet.

    Caption Value Description Network Configuration UTMuser@firewall.name.fqdnNetwork Network configuration DHCP relay overview
    activate Debug mode:
    notempty
    New as of v12.7.1
    		 Off Log messages are only written when activated On

    DHCP Relay IPv4

    DHCP Relay IPv4
    DHCP server IP addresses:
    notempty
    updated
    Multiple entries possible
    		 »192.168.178.1 IP addresses of the DHCP server/s
    The network/s in which the servers are located must be known to the UTM.
    DHCP-Relay Client Side Interfaces: LAN2 Interfaces for which the DHCP server is to be responsible.

    DHCP Relay IPv6

    DHCP Relay IPv6
    DHCP-Relay Server Side Interfaces: LAN1 Interface behind which a DHCP-v6 server is located.
    DHCP-Relay Client Side Interfaces: LAN2 Interfaces for which a DHCP-v6 server is to be responsible.


    Widget

    In the administrator interface of the UTM, there is a DHCP widget that provides an overview of the existing DHCP connections.
    Further information can be found in the Wiki article UTM Widgets.


    Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/NET/DHCP_Server-v4&oldid=100304"