DHCP Server on DMZ


Hello

I'm trying to create a DHCP server on a DMZ and, through a Juniper firewall, provide PXE functionality to other segmented networks.

The idea is the following:

My DHCP has a logical connection to a firewall through network 172.20.0.1/24.
The other equipment belongs to other networks and is behind the firewall.

The other networks are 172.20.1.0/24, 172.20.2.0/24, and even more.

I configured the firewall to be a DHCP relay, but the problem I have is in the DHCP configuration file.

In my dhcp.conf, all networks are defined with static IPs by MAC address.

Ex.

subnet 172.20.1.0 netmask 255.255.255.0 {
    option routers 172.20.1.253;  # Firewall/Router IP

    group {
        host host1-zone1 { hardware ethernet 00:21:29:a1:c3:a1; fixed-address 172.20.1.2; }
        host host2-zone1 { hardware ethernet 00:21:29:a3:c3:a1; fixed-address 172.20.1.3; }
    }
}

subnet 172.20.2.0 netmask 255.255.255.0 {
    option routers 172.20.2.253;  # Firewall/Router IP

    group {
        host host1-zone2 { hardware ethernet 00:21:29:cc:c3:a1; fixed-address 172.20.2.2; }
        host host2-zone2 { hardware ethernet 00:21:29:dd:c3:a1; fixed-address 172.20.2.3; }
    }
}

The problem is that when I try to start the dhcp service, all subnets are discarded because I don't have a NIC with the same network defined on the PXE server.

My idea is that all requests must be routed by the firewall, which is the equipment that knows all networks.

Any information will be appreciated.

Best regards
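
An added example, not part of the original post: a small Python check for the startup condition described above, assuming the server is ISC dhcpd, which needs a subnet declaration covering each interface it listens on (an empty one is enough) and picks the subnet for a relayed request from the relay's giaddr. The server address 172.20.0.10, the `DMZ_DECL` line and all function names are assumptions made for the illustration.

```python
import ipaddress
import re

# Constructed sample modelled on the post's configuration ('#' starts a comment).
SAMPLE_CONF = """
subnet 172.20.1.0 netmask 255.255.255.0 {
  option routers 172.20.1.253;  # firewall/relay address
  group {
    host host1-zone1 { hardware ethernet 00:21:29:a1:c3:a1; fixed-address 172.20.1.2; }
  }
}
subnet 172.20.2.0 netmask 255.255.255.0 {
  option routers 172.20.2.253;  # firewall/relay address
  group {
    host host1-zone2 { hardware ethernet 00:21:29:cc:c3:a1; fixed-address 172.20.2.2; }
  }
}
"""
# Empty declaration for the DMZ segment: no range and no hosts, so no leases are offered there.
DMZ_DECL = "subnet 172.20.0.0 netmask 255.255.255.0 { }\n"

SUBNET_RE = re.compile(r"subnet\s+([0-9.]+)\s+netmask\s+([0-9.]+)\s*\{")
FIXED_RE = re.compile(r"fixed-address\s+([0-9.]+)\s*;")

def declared_subnets(conf):
    """Return every 'subnet A netmask M' declaration as an IPv4Network."""
    conf = re.sub(r"#.*", "", conf)  # drop comments before matching
    return [ipaddress.ip_network(f"{a}/{m}") for a, m in SUBNET_RE.findall(conf)]

def subnet_for(conf, address):
    """Declared subnet containing address (a local interface IP or a relay's giaddr), or None."""
    ip = ipaddress.ip_address(address)
    return next((n for n in declared_subnets(conf) if ip in n), None)

def stray_fixed_addresses(conf):
    """fixed-address values that fall outside every declared subnet."""
    return [a for a in FIXED_RE.findall(conf) if subnet_for(conf, a) is None]

if __name__ == "__main__":
    server_ip = "172.20.0.10"  # assumed address of the DHCP server's DMZ interface
    for label, conf in (("as posted", SAMPLE_CONF), ("with DMZ subnet", DMZ_DECL + SAMPLE_CONF)):
        print(label, "-> local interface covered:", subnet_for(conf, server_ip))
    print("giaddr 172.20.1.253 served from:", subnet_for(SAMPLE_CONF, "172.20.1.253"))
    print("stray fixed addresses:", stray_fixed_addresses(SAMPLE_CONF))
```
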

Responses