Skip to main content

Search

Cloudi-Fi Knowledge Base

How to enable Cloudi-fi DHCP for your guest users

Alexandre de THOMASSON
  • Updated

Step-by-step instructions to set up Cloudi-fi DHCP service for your Guest

Use Case

The following sections will provide step-by-step instructions to enable Cloudi-Fi DHCP.

Prerequisites

Before starting, ensure that you collect all parameters of your existing DHCP service for Guest

In many cases, our Cloud DHCP will replace an existing one. To anticipate the required information in the next steps, we recommend collecting all parameters of your existing solution (IP range, DHCP relay, Options, etc.)

1. Activate Cloudi-Fi DHCP feature

Go to Cloudi-fi Admin Console > Network > DHCP

If this option doesn’t appear, your admin rights don't allow you to use the DHCP Service. For that, you need to contact Cloudi-Fi support team to allow DHCP service for your account (under Administrators -> Profiles -> Select your profile from the Profiles drop down menu)

admin_UI_administrators_profiles_DHCP_RBAC.png

 

Then select the network in which the DHCP Server will be accessible from your network

Cloudi-Fi_Admin_Network_DHCP_activation.png

Then, select the location on which you want to configure Cloud Guest DHCP

Now you can fulfill all DHCP parameters according to your need.
 

2. Activate Cloudi-Fi DHCP service on your locations

Go to Cloudi-fi Admin Console > Network > DHCP and select the Location where you want to enable the DHCP service
 

2.1. VPN configuration

In Location section, configure your IPSEC parameters

Cloudi-Fi_Admin_Network_DHCP_VPN_IPSEC_configuration.png

2.2. Configure your DHCP parameter (pools, options, etc.)

In DHCP Settings section, configure 

  • Lease time: lease for unauthenticated used

  • Extended Lease: lease duration for users already authenticate

  • Default Gateway: Last subnet IP or First subnet IP

  • DNS: DNS the Guest user needs to use

  • Advanced settings (NTP, SMTP, etc.)

You can configure these DHCP settings 

  • Globally i.e. same settings for all of your locations (see Cloudi-fi Admin Console > Network > DHCP > Global Settings)
  • Locally i.e. specific settings from one location to another
  • Pool i.e. specific settings for each DHCP pool

2.3. Add your DHCP pools

Go to Cloudi-fi Admin Console > Network > DHCP, select your Location and click on "Add subnet" 

  • Name: Name of your subnet

  • Subnet: IP range to use for new Guest

  • DHCP Relay: IP of the DHCP relay routing DHCP traffic to the actual DHCP server (default gateway)

Cloudi-Fi_Admin_Network_DHCP_subnet_configuration.png

When creating a subnet,

  • With no preexisting Security Profile, three security profiles are generated:
    • Quarantine All/All with captive portal enabled
    • Blacklist All/All
    • Guests (because captive portal is enabled on the quarantine)
  • With preexisting Security Profiles
    • If no quarantine matches the subnet: Quarantine All/All with captive portal enabled
    • If no blacklist matches the subnet: Blacklist All/All
    • If no quarantine matches the subnet: Guests (because captive portal is enabled on the quarantine)

Cloudi-Fi_Admin_Network_DHCP_subnet_security profiles.png

3. Configure the VPN Tunnel(s) (IPSEC) between your location and the Cloud DHCP

Go to Cloudi-fi Admin Console > Network > DHCP, select your Location and use the IPSEC servers listed

Recommended settings for IPSec tunnel (IKEv2)

Cloudi-Fi_Admin_Network_DHCP_VPN_IPSEC_nodes.png

4. Forward your DHCP request from your DHCP Relay to Cloudi-Fi

Go to Cloudi-fi Admin Console > Network > DHCP, select your Location and select DHCP servers section 

  • Service Subnets: IP range (in which DHCP will be) needed to be routed into your tunnel. It is the (/28) defined in step 1.2 divided in two (/29)
  • Server Address: IP (primary / secondary) to use by the customer to join DHCP service

What's next ?

Congratulations on enabling DHCP service.