Checkpoint Firewall: How to configure DHCP Relay on Checkpoint Firewall.

1.Overview

Network administrators can use the DHCP Relay service of the appliances to relay requests and replies between local DHCP Clients and a remote DHCP Server. It allows local hosts to acquire dynamic IP addresses from the remote DHCP Server.

2. Network Diagram

This article will guide you how to configure the DHCP Relay service on Checkpoint to forward requests between computer on the internal network to get dynamic IP from DHCP Server.

3. Instructions.

3.1. Configure DHCP Relay with Separate Network

Step 1: Create a DHCP pool on the DHCP Server.

On the DHCP Server configure the DHCP pool.

Example: Scope named S1

Address Pool: 192.168.10.10 – 192.168.10.100.

Scope Options:

Router: 192.168.10.1

DNS Server: 192.168.2.11

Step 2: Configure DHCP Relay.

On the administrative interface of Checkpoint Firewall > Device > Network > Local Network.

Select a port (LAN3) > click Edit.

In the Configuration tab:

Assigned to: select Separate network.

Local IPv4 address: enter the configured gateway ip on the DHCP pool.

Subnet mask: /24 (255.255.255.0).

Click to select Relay:

DHCP server IP address: Enter the IP address of the DHCP Server.

Configure the Advanced tab you can leave the default.

The DHCPv4 Settings tab will no longer be configurable because the configuration option is DHCP Relay.

Click Apply to save the configuration.

Completed DHCP Relay configuration.

Step 3: Check the configuration.

Check that the internal computer has received IP class 192.168.10.0/24 as configured.

Check on DHCP Server > Address Leases.

3.2. Configure DHCP Relay with VLAN.

On the administrative interface of Checkpoint Firewall > Device > Network > Local Network.

Select a port (LAN6) > Right-click > New > VLAN.

In the Configuration tab:

VLAN ID: Enter the VLAN you want to relay.

Local Network Port: select LAN6 Port.

Assigned to: select Separate network.

Local IPv4 address: enter the configured VLAN Gateway ip on the DHCP pool.

Subnet mask: /24 (255.255.255.0).

Click to select Relay:

DHCP server IP address: Enter the IP address of the DHCP Server.

Configure Advanced tab vs DHCPv4 Settings tab you can leave default.

Click Apply.

Because LAN6 is in Disabled state, you need to Enable it to use it. Click LAN6 > Enable.

Now LAN6.10 is UP. You connect the Switch to Port LAN6 on Checkpoint and configure Port Trunk, VLAN, Access Port on the Switch.

You can configure to create multiple VLAN assignments on the same port.

The internal computer will receive the IP according to VLAN 10.

Hình ảnh này chưa có thuộc tính alt; tên tệp của nó là image-4493.png

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.