This article will guide you to configre your SRX firewall device as a DHCP server for your local networks and binding static IP Address for specific MAC Addresses.
Example scenario
- Private Zone subnet - 10.102.100.0/24
- Private Zone Interface - reth1.0
Steps:
1 Configure DHCP Service
Commit following rules to configure your SRX device to act as a DHCP Server.
1
2
3
4
5
set system services dhcp pool 10.102.100.0/24 address-range low 10.102.100.100
set system services dhcp pool 10.102.100.0/24 address-range high 10.102.100.200
set system services dhcp pool 10.102.100.0/24 default-lease-time 3600
set system services dhcp pool 10.102.100.0/24 domain-name lab-network.net
set system services dhcp pool 10.102.100.0/24 router 10.102.100.1
- address-range low - First IP address in your DHCP reserve pool
- address-range high - Last IP address in your DHCP reserve pool
- default-lease-time - Local domain name
- router - Gateway IP for your local network
2. Enable host-inbount-traffic for DHCP Service
Now you’ve to enable dhcp under host-inbound-traffic rules for your SRX’s private network zone interface
1
set security zones security-zone PRIVATE_NETWORK interfaces reth1.0 host-inbound-traffic system-services dhcp
DHCP Service should be now running and it’ll lease IP Address to the servers in your Local Network.
3 Verify DHCP Bindings
Run following command to verify DHCP bindings
1
show system services dhcp binding
4 Static DHCP Bindings
You can bind static IP Addresses to particluar server (Mac Address) as follows.
1
set system services dhcp static-binding 00:xx:xx:xx:xx:x fixed-address 10.102.100.xxx