.. _dhcp-networks-sensor: Configuring Network Sensor DHCP Service ================================================================== The Genian NAC Network Sensor provides DHCP (Dynamic Host Configuration Protocol) service functionality, allowing automatic IP assignment to the managed network range. The items providing DHCP service are as follows, used selectively depending on the network environment: .. list-table:: :widths: 2 7 3 :header-rows: 1 * - Configuration Item - Function Description - Notes * - Local - Provides DHCP service for the Network Sensor's managed range - * - Remote - Network Sensor does not provide DHCP service; DHCP service is provided by a remote server - Requires DHCP Helper Address setting on the switch * - Local and Remote - Provides DHCP service for the Network Sensor's managed range and IP range of remotely configured Network Sensors - .. image:: /images/Genian-NAC-DHCP-Options-1.png :width: 700px Configuring Network Sensor Local DHCP Service ------------------------------------------------------------------------- #. Go to **System** in the top panel. #. In the left **System** menu, select **Sensor Management**. #. Check the checkbox for the **Network Sensor** to configure. #. In the **Select Tasks** menu, click **Bulk Sensor Settings**. #. Perform **DHCP**-related settings: - Change **DHCP Service** setting to **ON**. - Set **Service Target** setting to **Local**. - Enter **Node IP Pool** setting. - Enter **DNS Server** setting. #. Click the ``Save`` button. Configuring Network Sensor Remote DHCP Service ----------------------------------------------------------------------------- Remote DHCP service does not provide DHCP on its own, so a Policy Server configured for Local and Remote is required. #. Go to **System** in the top panel. #. In the left **System** menu, select **Sensor Management**. #. Check the checkbox for the **Network Sensor** to configure. #. In the **Select Tasks** menu, click **Bulk Sensor Settings**. #. Perform **DHCP**-related settings: - Change **DHCP Service** setting to **ON**. - Set **Service Target** setting to **Remote**. #. Click the ``Save`` button. Configuring Policy Server Local and Remote DHCP Service --------------------------------------------------------------------------------- When configuring Local and Remote DHCP service, the IP range of the remotely configured Network Sensor range must be entered into the Node IP Pool. #. Go to **System** in the top panel. #. In the left **System** menu, select **Sensor Management**. #. Check the checkbox for the **Network Sensor** to configure. #. In the **Select Tasks** menu, click **Bulk Sensor Settings**. #. Perform **DHCP**-related settings: - Change **DHCP Service** setting to **ON**. - Set **Service Target** setting to **Local**. - Enter **Node IP Pool** setting (Remotely configured Network Sensor range setting is required). - Enter **DNS Server** setting. #. Click the ``Save`` button. Providing DHCP Service Only from Policy Server ------------------------------------------------ This section is used in environments where the network is a DHCP environment, the Policy Server acts as the DHCP server, and Network Sensors operate remotely. #. Go to **System** in the top menu. #. Select the Policy Server IP and go to the **Sensor Settings** screen. #. In the DHCP section below, configure as follows: - DHCP Service: On - Service Target: Local and Remote - Node IP Pool: Entire Client IP range - Other options also configured according to environment 4. Go to **System Initial Settings > Sensor Settings** in the left System Management menu. 5. In the Sensor Settings window, configure as follows: - DHCP Service: On - Service Target: Remote - **Remote**: The current sensor does not provide DHCP server functionality; another server provides DHCP service. 6. All other **Other Settings** are **Optional**. 7. Click ``Update``. DHCP IP Assignment Prohibition Settings ------------------------------------------------ You can set targets for DHCP IP assignment prohibition. #. Go to **System** in the top panel. #. In the left **System** menu, select **Sensor Management**. #. Check the checkbox for the **Network Sensor** to configure. #. In the **Select Tasks** menu, click **Bulk Sensor Settings**. #. Perform **DHCP**-related settings: - Select **IP Assignment Prohibition Targets**. - Non-Changeable Violation Nodes - Non-Changeable Unconfigured Nodes - MAC Blocked Nodes When **MAC Blocked Nodes** is set, unregistered MACs operate based on the Network Sensor's new node policy. If the new node policy is MAC blocking, IP assignment is restricted, and the node is registered without IP information to allow MAC policy configuration.