This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

DHCP, AD and VLANS

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

DHCP, AD and VLANS

Go to solution
amariano
Not applicable

‎07-13-2011 06:57 AM

We've just purchased our Palo Alto and are getting ready to configure. I just had a quick question on using AD.

Currently we have HP Procurves connected to a Radius server and Active Directory running DHCP. We'd like to simply and take the Radius server out of the picture and use the Palo Alto to set up our vlans so that they are role based. DHCP would then run on the Palo Alto. For example, a student gets a an IP on the student vlan, teacher on the teacher vlan, etc.

Could someone let me know if this is possible? - Thanks.

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
kalavi
L4 Transporter

‎07-14-2011 10:55 AM

Hi,

It is possible to create a DHCP pool for a particular vlan on PAN boxes. Steps are:

1) Network---> DHCP

2) Create a New DHCP pool for that particular vlan or interface

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
kalavi
L4 Transporter

‎07-14-2011 10:55 AM

Hi,

It is possible to create a DHCP pool for a particular vlan on PAN boxes. Steps are:

1) Network---> DHCP

2) Create a New DHCP pool for that particular vlan or interface

0 Likes Likes

Go to solution
bradenmcg
L3 Networker

‎07-14-2011 12:41 PM

If this is an Active Directory domain, it's generally not a great idea to take DHCP away from your domain controllers.  Reason is that normally, DHCP will work with DNS on AD servers to enable dynamic updates, so a machine's hostname is always associated to its correct IP.

If the machines aren't on the domain it doesn't really matter as much, but it's still not recommended.  MS suggests that you use their DHCP along with AD because of dynamic updates.

I'm not sure how you would be able to remove the RADIUS server in your scenario, because I assume you're using 802.11x authentication (with RADIUS) in order to drop the ports on the procurves into the correct VLAN based on user authentication.  Unless you want to move the RADIUS function to the PAN - you can't do this, the PAN isn't a RADIUS server.

Go to solution
CentCom
Not applicable
In response to kalavi

‎04-04-2012 08:21 AM

Would each VLAN in this case count as a seperate DHCP server?  I have a PA-500 that I would like to setup a few different DHCP scopes for various VLANS and it appears that I'm limited to 3 DHCP servers on the PA-500.

0 Likes Likes
  • 1 accepted solution
  • 3048 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks