Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 8983 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM DHCP extend range

Andy Johnson

Hi,

I am using Sophos UTM also as my DHCP server. I have IP addresses available from 192.168.2.1 to 192.168.2.255 (I believe this range of 256 IP addresses are default because of subnet mask 24)

I went into DHCP and then on servers tab, I see the following settings:

Interface: Internal

Range Start: 192.168.2.1

Range End: 192.168.2.99

DNS Server: 192.168.2.100 (This is my Sophos Asmin url as well)

Lease Time: 86400

This internal interface is also created when I installed the Sophos and I believe that is not editable and which is 192.168.2.0/24

 

Now I would like to expand my DHCP range from 192.168.2.1 to 192.168.3.255 (or preferably 192.168.4.255) as I am running out of my IP address assignments.

currently I have reserved 192.168.2.101 to 192.168.2.255 for static IP assignments and DHCP for the 192.168.2.1 to 192.168.2.99 as seen from above configuration (I know I messed up a bit and I should have assigned static IPs first in the list and then dynamic IP assignments for later range.)

Now my question is, how can I extend my IP ranges?

And also, how can I change my static IP assignments to fix it the correct way without much disrupting my home network.

 

Thanks



This thread was automatically locked due to age.
  • 0

    How do you plan on having 3x 254 (usable) ip's when home license is only valid for 50?

    You would need to define a different subnet mask.  Instead of /24, you'd need to use a /23 subnet mask.  That gives you usable 192.168.2.1 through 192.168.3.254.  .0 and .255 are reserved.

    Change your 192.168.2.100 ip at interfaces & routing/interfaces.

    Nearly every element in utm can be changed.

  • 0 in reply to Jay Jay

    Jay,

    I know that Home license is only for 50 ips but I believe this is for 50 active ips at any given time. Please correct me if I am wrong about it.

    I want to make that change because my kids and (I also) need different kind of vms all the time and I would like to create vm and assign static IPs to it so that they can connect to it using a host name instead of IP address.

    For this change to happen, do I need to create another "network" in "network definitions" and assign that newly created network to DHCP->servers page?

    Default network created during installation is not editable.

    Can you please guide me through it? I am not a network guy. I am a programmer and I have very little understanding of networking.

    How disruptive this change is going to be? I believe I can always revert it back?

    I am afraid for just one thing only. If I can't connect to Sophos web interface after this change, there is going to be a disaster and I will have to reinstall and reconfigure my server back.

     

  • 0 in reply to Andy Johnson

    Someone more knowledgeable about the licensing will need to address that.

    First off, before making *any* changes, make a manual backup under management/backup & restore.  That's the first thing I do before I start implementing any changes.  Makes reverting that much easier than trying to remember which changes to undo.

    You'll need to clarify what vm's have to do with having 508 different ip's available.

    I have my local domain defined as local.domain.  That's defined in network services/dhcp/dhcp server for the local lan.

    Each device on the lan with a static dhcp address is defined as below. Note the settings under DNS settings.  This allows reference of the device by it's hostname.

    What do you mean default network created during installation not editable?

    I can edit any part of the config, including the subnet, or the network address, interface, type, etc.

    If you have multiple interfaces, you can define and assign an additional management interface that's accessible through the webui.

    Rather than address your questions out of context, perhaps if you tell us what you're trying to accomplish it would allow a more meaningful response.

  • 0 in reply to Andy Johnson

    The license is for 50 IPs "seen" by the UTM over the last seven days.

    If your VMs aren't communicating with the outside world or to a DMZ, those IPs won't be counted.  So, for example, if you have 192.168.2.0/23 (255.255.254.0) for your LAN, you must be sure that all VMs have the same subnet assigned.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML