HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

201

202

203

204

205

206

207

208

209

210

184

# Enable the DHCP server on GigabitEthernet 0/1 and GigabitEthernet 0/2.

[Firewall] interface ethernet 1/1

[Firewall-GigabitEthernet0/1] dhcp select server global-pool

[Firewall-GigabitEthernet0/1] quit

[Firewall] interface gigabitethernet 0/2

[Firewall-GigabitEthernet0/2] dhcp select server global-pool

[Firewall-GigabitEthernet0/2] quit

# Exclude IP addresses from dynamic allocation (addresses of the DNS server, WINS server, and

gateways).

[Firewall] dhcp server forbidden-ip 10.1.1.2

[Firewall] dhcp server forbidden-ip 10.1.1.4

[Firewall] dhcp server forbidden-ip 10.1.1.126

[Firewall] dhcp server forbidden-ip 10.1.1.254

# Configure DHCP address pool 0 (subnet, client domain name suffix, and DNS server address).

[Firewall] dhcp server ip-pool 0

[Firewall-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0

[Firewall-dhcp-pool-0] domain-name aabbcc.com

[Firewall-dhcp-pool-0] dns-list 10.1.1.2

[Firewall-dhcp-pool-0] quit

# Configure DHCP address pool 1 (subnet, gateway, WINS server, and lease duration).

[Firewall] dhcp server ip-pool 1

[Firewall-dhcp-pool-1] network 10.1.1.0 mask 255.255.255.128

[Firewall-dhcp-pool-1] gateway-list 10.1.1.126

[Firewall-dhcp-pool-1] expired day 10 hour 12

[Firewall-dhcp-pool-1] nbns-list 10.1.1.4

[Firewall-dhcp-pool-1] quit

# Configure DHCP address pool 2 (subnet, gateway and lease duration).

[Firewall] dhcp server ip-pool 2

[Firewall-dhcp-pool-2] network 10.1.1.128 mask 255.255.255.128

[Firewall-dhcp-pool-2] expired day 5

[Firewall-dhcp-pool-2] gateway-list 10.1.1.254

Verifying the configuration

Clients on networks 10.1.1.0/25 and 10.1.1.128/25 can obtain correct IP addresses and other network

parameters from Firewall. You can use the display dhcp server ip-in-use command on the DHCP server

to view the IP addresses assigned to the clients.

Self-defined option configuration example

Network requirements

As shown in Figure 111, the DHCP client (Router) obtains its IP address and PXE server addresses from the

DHCP server (Firewall). The IP address belongs to subnet 10.1.1.0/24. The PXE server addresses are

1.2.3.4 and 2.2.2.2.

The DHCP server assigns PXE server addresses to DHCP clients through Option 43, a self-defined option.

The format of Option 43 and that of the PXE server address sub-option are shown in Figure 84 and

Figure

86, res

pectively. The value of Option 43 configured on the DHCP server in this example is 80 0B 00 00

02 01 02 03 04 02 02 02 02. The number 80 is the value of the sub-option type. The number 0B is the