Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-24-2024 10:34 AM
My goal is to set up a DHCP server capable of allocating IP addresses according to the hostnames of client machines.
Here are the specific requirements:
We require the DHCP server to oversee three separate IP ranges.
For hostname-based IP assignment:
I would greatly appreciate your assistance in achieving this setup.
02-27-2024 12:42 AM
Hello @hamza_d - the DHCP server will likely need to recognise Option 82, which is the relay agent information option, in order to recognise the DHCP request that has been relayed via the NGFW. Option 12 is the hostname record, so it will need to process that in a manner appropriate to your allocation mechanism. Generally with BNG style functions you would use Option 12 to determine the IP address programmatically, in order to meet this requirement. However, the exact configuration of this depends on your choice of DHCP server and associated subscriber management toolset.
02-25-2024 01:24 PM
Hello @hamza_d - this sort of functionality would be best suited to a dedicated DHCP server; the functionality you describe is akin to IPoE or BNG allocation mechanisms, so a DHCP server designed to work in a BNG environment would be a good start.
To the best of my knowledge, no such pool allocation mechanism exists in the PAN-OS DHCP server, nor is it an item that I would expect to find on a roadmap. However, if you were to use an external DHCP server such as ISC Kea, Windows DHCP Server, or Radiator DHCP, you could proxy DHCP requests through your PAN-OS NGFW using DHCP Relay functionality.
In short, you would achieve this by setting up your DHCP server on a preferably separate network segment, then configure the NGFW interfaces, that face your DHCP clients, using the Network > DHCP > DHCP Relay menu on the administration interface. In there you would define the IP address of your upstream DHCP server. You would repeat this for any and all interfaces facing DHCP client systems.
Configuration of the DHCP server is a separate step, but you would configure that server to use and require both Option 82 and Option 12 in determining its replies.
02-26-2024 11:30 AM
Hello @iarobertson
Thank you for getting back to me.
To ensure I understand your idea better, I see that I'll need a dedicated DHCP server, configure the DHCP relay, and set up three interfaces to meet this requirement. However, I'm unclear about why I need to configure Option 82 and Option 12 on that DHCP server. Could you please provide further clarification on this matter?
02-27-2024 12:42 AM
Hello @hamza_d - the DHCP server will likely need to recognise Option 82, which is the relay agent information option, in order to recognise the DHCP request that has been relayed via the NGFW. Option 12 is the hostname record, so it will need to process that in a manner appropriate to your allocation mechanism. Generally with BNG style functions you would use Option 12 to determine the IP address programmatically, in order to meet this requirement. However, the exact configuration of this depends on your choice of DHCP server and associated subscriber management toolset.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
