Disabling the SonicWall DHCP server to use another outside the firewall (UTM) - IP helper

Description

Network administrators can use a DHCP server located outside the SonicWall Internet Security appliance instead of the appliance's built-in DHCP server functionality.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.


  1. Click Network in the top navigation menu.
  2. Select System |DHCP Server.
  3. Uncheck Enable DHCP Server.
  4. Click ACCEPT.

Image


  1. Click Network in the top navigation menu.
  2. Select System| IP Helper.
  3. If not already active, check Enable IP Helper.
  4. Check Enable DHCP Support.
  5. Click Add  under the IP Helper Policies table. The Add IP Helper Policy window is displayed.
  6. Select DHCP from the Protocol menu. Select a source Interface or Zone on the From menu. This represents the interface or zone on which the computers reside that will be making DHCP lease requests. Select a destination IP address or subnet from the To menu or select Create a new network to create a new Address Object. This defines the address of the DHCP server that should receive the requests. Enter an optional comment in the Comment field.
  7. Click OK to add the policy to the IP Helper Policies table.
  8. Click ACCEPT.

Image

Image


      DHCP Server on the WAN Zone

  1. Make a packet capture for the DHCP Traffic (UDP Ports 67,68).
  2. Confirm that the packets are being dropped by the SonicWall.
  3. Create an access rule from WAN to LAN. 
  4.   From Zone: WAN
  5.   To Zone: LAN
  6.   Source:  Any. 
  7.   Destination: DHCP Server IP.
  8.   Service: Ports UDP 67,68. 
  9.   Action: Allow. 

Image

Image


Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.


  1. Click Network in the top navigation menu.
  2. Select DHCP Server.
  3. Uncheck Enable DHCP Server.
  4. Click ACCEPT.
    Image

  5. Click Manage in the top navigation menu.
  6. Select Network | IP Helper.
  7. If not already active, check Enable IP Helper.
  8. Check Enable DHCP Support.
  9. Click Add  under the IP Helper Policies table. The Add IP Helper Policy window is displayed.
  10. Select DHCP from the Protocol menu. Select a source Interface or Zone on the From menu. This represents the interface or zone on which the computers reside that will be making DHCP lease requests. Select a destination IP address or subnet from the To menu or select Create a new network to create a new Address Object. This defines the address of the DHCP server that should receive the requests. Enter an optional comment in the Comment field.
  11. Click OK to add the policy to the IP Helper Policies table.
  12. Click ACCEPT.
    Image

DHCP Server on the WAN Zone

  1. Make a packet capture for the DHCP Traffic (UDP Ports 67,68).
  2. Confirm that the packets are being dropped by the SonicWall.
  3. Create an access rule from WAN to LAN.

       From Zone: WAN
       To Zone: LAN
       Source:  Any. 
      Destination: DHCP Server IP.
       Service: Ports UDP 67,68. 
      action: Allow. 
    Image

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.


Firmware 6.X

  1. Click DHCP on the management interface. On the Setup tab, select Disable DHCP Server.
  2. Select the Allow DHCP Pass Through check box.
  3. Click Update.

SonicOS Enhanced

  1. Navigate to Network | DHCP Server.
  2. Uncheck Enable DHCP Server.
  3. Click Apply.

    Image


  4. Navigate to Network |IP Helper.
  5. If not already active, check Enable IP Helper.
  6. Check Enable DHCP Support.
  7. Click Add button under the IP Helper Policies table. The Add IP Helper Policy window is displayed.
  8. Select DHCP from the Protocol menu.
  9. Select a source Interface or Zone on the From menu. This represents the interface or zone on which the computers reside that will be making DHCP lease requests.
  10. Select a destination IP address or subnet from the To menu or select Create a new network to create a new address object. This defines the address of the DHCP server that should receive the requests.
  11. Enter an optional comment in the Comment field.
  12. Click OK to add the policy to the IP Helper Policies table.

    Image

    Image

DHCP Server on the WAN Zone

    1- Make a packet capture for the DHCP Traffic (UDP Ports 67,68).

    2-Confirm that the packets are being dropped by the SonicWall.

    3- Create an access rule from WAN to LAN.

   From Zone: WAN
   To Zone: LAN
   Source:  ANY
   Destination: DHCP Server IP.
   Service: Ports UDP 67,68. 
   action: Allow. 
Image


Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
NSa Series
DHCP Server
Firewalls
SonicWall SuperMassive 9000 Series
DHCP Server
Firewalls
SonicWall SuperMassive E10000 Series
DHCP Server
Firewalls
TZ Series
DHCP Server
not finding your answers?
Ask the Community