-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Disabling the SonicWall DHCP server to use another outside the firewall (UTM) - IP helper
07/31/2023 
53 People found this article helpful
495,508 Views
Description
Network administrators can use a DHCP server located outside the SonicWall Internet Security appliance instead of the appliance's built-in DHCP server functionality.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
- Click Network in the top navigation menu.
- Select System |DHCP Server.
- Uncheck Enable DHCP Server.
- Click ACCEPT.
- Click Network in the top navigation menu.
- Select System| IP Helper.
- If not already active, check Enable IP Helper.
- Check Enable DHCP Support.
- Click Add under the IP Helper Policies table. The Add IP Helper Policy window is displayed.
- Select DHCP from the Protocol menu. Select a source Interface or Zone on the From menu. This represents the interface or zone on which the computers reside that will be making DHCP lease requests. Select a destination IP address or subnet from the To menu or select Create a new network to create a new Address Object. This defines the address of the DHCP server that should receive the requests. Enter an optional comment in the Comment field.
- Click OK to add the policy to the IP Helper Policies table.
- Click ACCEPT.
DHCP Server on the WAN Zone
- Make a packet capture for the DHCP Traffic (UDP Ports 67,68).
- Confirm that the packets are being dropped by the SonicWall.
- Create an access rule from WAN to LAN.
- From Zone: WAN
- To Zone: LAN
- Source: Any.
- Destination: DHCP Server IP.
- Service: Ports UDP 67,68.
- Action: Allow.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
- Click Network in the top navigation menu.
- Select DHCP Server.
- Uncheck Enable DHCP Server.
- Click ACCEPT.
- Click Manage in the top navigation menu.
- Select Network | IP Helper.
- If not already active, check Enable IP Helper.
- Check Enable DHCP Support.
- Click Add under the IP Helper Policies table. The Add IP Helper Policy window is displayed.
- Select DHCP from the Protocol menu. Select a source Interface or Zone on the From menu. This represents the interface or zone on which the computers reside that will be making DHCP lease requests. Select a destination IP address or subnet from the To menu or select Create a new network to create a new Address Object. This defines the address of the DHCP server that should receive the requests. Enter an optional comment in the Comment field.
- Click OK to add the policy to the IP Helper Policies table.
- Click ACCEPT.
DHCP Server on the WAN Zone
- Make a packet capture for the DHCP Traffic (UDP Ports 67,68).
- Confirm that the packets are being dropped by the SonicWall.
- Create an access rule from WAN to LAN.
From Zone: WAN
To Zone: LAN
Source: Any.
Destination: DHCP Server IP.
Service: Ports UDP 67,68.
action: Allow.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
Firmware 6.X
- Click DHCP on the management interface. On the Setup tab, select Disable DHCP Server.
- Select the Allow DHCP Pass Through check box.
- Click Update.
SonicOS Enhanced
- Navigate to Network | DHCP Server.
- Uncheck Enable DHCP Server.
- Click Apply.
- Navigate to Network |IP Helper.
- If not already active, check Enable IP Helper.
- Check Enable DHCP Support.
- Click Add button under the IP Helper Policies table. The Add IP Helper Policy window is displayed.
- Select DHCP from the Protocol menu.
- Select a source Interface or Zone on the From menu. This represents the interface or zone on which the computers reside that will be making DHCP lease requests.
- Select a destination IP address or subnet from the To menu or select Create a new network to create a new address object. This defines the address of the DHCP server that should receive the requests.
- Enter an optional comment in the Comment field.
- Click OK to add the policy to the IP Helper Policies table.
DHCP Server on the WAN Zone
1- Make a packet capture for the DHCP Traffic (UDP Ports 67,68).
2-Confirm that the packets are being dropped by the SonicWall.
3- Create an access rule from WAN to LAN.
From Zone: WAN
To Zone: LAN
Source: ANY
Destination: DHCP Server IP.
Service: Ports UDP 67,68.
action: Allow. 
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
Categories
- Firewalls > TZ Series > DHCP Server
- Firewalls > SonicWall SuperMassive 9000 Series > DHCP Server
- Firewalls > SonicWall SuperMassive E10000 Series > DHCP Server
- Firewalls > NSa Series > DHCP Server
YES
NO