Configure the DHCPv4 Server

• Ping Timeout—The amount of time in milliseconds that threat defense device waits to time out a DHCP ping attempt. Valid values range from 10 to 10000 milliseconds. The default value is 50 milliseconds.

  To avoid address conflicts, the threat defense device sends two ICMP ping packets to an address before assigning that address to a DHCP client.

• Lease Length—The amount of time in seconds that the client may use its allocated IP address before the lease expires. Valid values range from 300 to 1048575 seconds. The default value is 3600 seconds (1 hour).

• (Routed mode) Auto-configuration—Enables DHCP auto configuration on the threat defense device. Auto-configuration enables the DHCP server to provide the DHCP clients with the DNS server, domain name, and WINS server information obtained from a DHCP client running on the specified interface. Otherwise, you can disable auto configuration and add the values yourself in Step 4.

• (Routed mode) Interface—Specifies the interface to be used for auto configuration. For a device with virtual routing capability, this interface can only be a global virtual router interface.

• Enter the domain name of the interface. For example, your device may be in the Your_Company domain.

• From the drop-down list, choose the DNS servers (primary and secondary) configured for the interface. To add a new DNS server, see Creating Network Objects.

• From the drop-down list, choose the WINS servers (primary and secondary) configured for the interface. To add a new WINS server, see Creating Network Objects.

• Interface—Choose the interface from the drop-down list. In transparent mode, specify a named bridge group member interface. In routed mode, specify a named routed interface or a named BVI; do not specify the bridge group member interface. Note that each bridge group member interface for the BVI must also be named for the DHCP server to operate.

• Address Pool—The range of IP addresses from lowest to highest that is used by the DHCP server. The range of IP addresses must be on the same subnet as the selected interface and cannot include the IP address of the interface itself.

• Enable DHCP Server—Enables the DHCP server on the selected interface.

• Option Code—The threat defense device supports the DHCP options listed in RFC 2132, RFC 2562, and RFC 5510 to send information. All DHCP options (1 through 255) are supported except for 1, 12, 50–54, 58–59, 61, 67, and 82. See About the DHCPv4 Serverfor more information on DHCP option codes.

  Note	The threat defense device does not verify that the option type and value that you provide match the expected type and value for the option code, as defined in RFC 2132. For more information about option codes and their associated types and expected values, see RFC 2132.

• Type—DHCP option type. Available options include IP, ASCII, and HEX. If you chose IP, you must add IP addresses in the IP Address fields. If you chose ASCII, you must add the ASCII value in the ASCII field. If you chose HEX, you must add the HEX value in the HEX field.

• IP Address 1 and IP Address 2—The IP address(es) to be returned with this option code. To add a new IP address, see Creating Network Objects.

• ASCII—The ASCII value that is returned to the DHCP client. The string cannot include spaces.

• HEX—The HEX value that is returned to the DHCP client. The string must have an even number of digits and no spaces. You do not need to use a 0x prefix.

show dhcpd binding