Setting Up VLANs and DHCP server in ScreenOS

Posted on Mon 14 September 2015 in misc

In this example I wanted to create a VLAN attached to e0/1 for use with my KVM lab.  You'll notice I give this interface an IP address, this is so that I can have my ScreenOS device do all the routing / NATing / firewalling in isolated VLANs. I also create a DHCP server.  I make the interface pingable as it may well be the internet gateway for anything inside the VLAN.

Create new zone and interface

set zone name vlan69
set int ethernet0/1.1 tag 69 zone vlan69
set int e1.1 ip 10.10.69.254/24
set int e1.1 routeset int e1.1 manage ping
save

Setting Up DHCP Server

set int e1.1 dhcp server service
set int e1.1 dhcp server enable
set int e1.1 dhcp server option lease 71582788 #unlimited lease
set int e1.1 dhcp server option gateway 10.10.69.254
set int e1.1 dhcp server option netmask 255.255.255.0
set int e1.1 dhcp server option dns1 8.8.8.8
set int e1.1 dhcp server ip 10.10.69.10 to 10.10.69.240
set int e1.1 dhcp server config next-server-ip #unsets this
unset int e1.1 dhcp server config updatable
save

Checking DHCP Server Config

# Check config options
get int e1.1 dhcp server option   # Check allocated leases
get int e1.1 dhcp server ip allocate

screenos vlan