Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/22.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=CLI-system-dhcp

dhcp

Sophos Firewall supports the configuration of DHCP options, as defined in RFC 2132. DHCP options allow you to specify additional DHCP parameters in the form of pre-defined, vendor-specific information stored in the options field of a DHCP message. When the DHCP message is sent to clients on the network, it provides vendor-specific configuration and service information. Appendix A – DHCP Options (RFC 2132) provides a list of DHCP options by RFC-assigned option number.

Command

system dhcp

Syntax

system dhcp
conf-generation-method [new | old] [show]
dhcp-relay-refresh-interval [show | set] [seconds] <10-10000>
dhcp-options [add | delete | show] [optioncode] <1-65535> [optionname] [binding] [dhcpname]`
lease-over-IPSec [disable | enable | show]
one-lease-per-client [disable | enable | show]
send-dhcp-nak [disable | enable | show]
static-entry-scope [global | network | show]

Options

conf-generation-method [new | old] [show]

Method of generating the backend DHCP configuration file. You require the new file format if you've bound a MAC address in more than one DHCP server configuration. The old method may provide incorrect information, such as for DNS servers and gateway. Default: old.

dhcp-relay-refresh-interval [show | set] [seconds] <10-10000>

Use dhcp-relay-refresh-interval to set the time in seconds for refresh packets to be sent. Available options, 10-1000. Default: 10.

dhcp-options [add | delete | show] [optioncode] <1-65535> [optionname] [binding] [dhcpname]

Use dhcp-options to assign properties from the DHCP server to the clients.

Example: Set a DNS server address.

lease-over-IPSec [disable | enable | show]

Use lease-over-IPSec to specific how DHCP leases are handled for IPsec connections. Default: disable.

one-lease-per-client [disable | enable | show]

Turn this option on or off and show its status. Default: disable.

send-dhcp-nak [disable | enable | show]

Turn this option on or off and show its status. Default: enable.

static-entry-scope [global | network | show]

Turn this option on or off and show its status. Default: network.