Skip to main content

Allow DHCP for your guest users with Cloudi-Fi Cloud based DHCP service

Alexandre de THOMASSON
  • Updated

This article describes the prerequisites for the Cloudi-fi admin interface settings for the DHCP service for your Guest users.

                                                            

 

Pre-requisite: collect all parameters of your existing DHCP service for Guest

In many cases, our Cloud DHCP will replace an existing one. To anticipate the required information in the next steps, we recommend collecting all parameters of your existing solution (IP range, DHCP relay, Options, etc.)

 

Step 1 ) Admin Portal - configure DHCP on the location concerned

1.1. Go to Settings DHCP

If this option doesn’t appear, your admin rights don't allow you to use the DHCP Service. For that, you need to contact your Cloudi-fi support team to allow DHCP service for your account (cf. Administrators Profiles Select your Profile Special roles)

 

1.2 Select the network in which the DHCP Server will be accessible from your network

 

 

1.3 Select the location on which you want to configure Cloud Guest DHCP and click on

Now you can fulfill all DHCP parameters according to your need.

  • set-up the tunnel: 

    • Client IP: List of IPs with which to create a tunnel to the DHCP server

    • If you don't have permanent IP, you can add an FQDN - for instance

      location_name@company_name.cloudi-fi.net

  • Set up the subnet:

    • Subnet: IP range to use for new Guest

    • Relay: IP of the DHCP relay routing DHCP traffic to the actual DHCP server (default gateway)

  • Set up the lease management: 

    • Lease Duration: lease for unauthenticated used

    • Extended Lease: lease duration for users already authenticated

  • Set up the IP address pool: 

    • Start address: first IP that can be used in the subnet

    • End address: last IP that can be used in the subnet

  • Set up the options - information to share in the DHCP response: 

    • Option: Gateway

      • Default gateway the Guest user needs to use

    • Option DNS

      • DNS the Guest user needs to use

1.4. Click on SAVE

 

1.5. Edit your location to collect VPN parameters

Go to Edit Location Information

Now you will find

  • VPN Configuration

    • VPN Secret: VPN Key to use for you IPSEC VPN Tunnel

  • Primary Network

    • Service Subnet: Private IP range (in which DHCP will be) needed to be routed into your tunnel

    • Server Address: Private IP to use by the client to join the DHCP server

 

Step 2) Build the IPSEC VPN Tunnel between your location and the Cloud DHCP

DHCP Server IP address

  • VPN Endpoint IP

    • EMEA

      • 87.98.189.202

      • 135.125.2.85

    • APAC

      • 51.79.178.35

      • 139.99.69.206

    • US

      • 51.81.66.49

      • 147.135.104.170

Recommended settings for IPSec tunnel

Components

Phase 1

Phase 2

Confidentiality

AES-256

AES-256

Integrity

SHA-256

SHA-256

Authentication

Pre-Shared Key (PSK)

N/A

Protocol

N/A

AH

ESP

Encapsulation Mode

N/A

Tunnel Mode

Key Exchange Method

Diffie-Hellman

Diffie-Hellman

Diffie-Hellman Group

2

2

Total Child SAs Supported

N/A

8

SA Lifetime

3 Hours

1 Hours

SA Lifebytes

Unlimited

Unlimited

NAT-Traversal

Enabled

N/A

NAT Keepalive Interval

30 Seconds

N/A

Dead Peer Detection (DPD)

Enabled

N/A

DPD Timeout Interval

30 Seconds

N/A

DPD Maximum Retries

5

N/A

Perfect Forward Secrecy (PFS)

N/A

Disabled

Maximum Transmission Unit (MTU)

N/A

1400 Bytes

Maximum Segment Size (MSS)

N/A

1360 Bytes

Note :

  • Other encryption protocols are supported - please contact you Cloudi-fi support to know them

 

 

Related to

Related articles

Comments

0 comments