DHCP (Dynamic Host Configuration Protocol) is a broadcast protocol for dynamically allocating IP
addresses to computers on a network. When a client computer attempts to join a DHCP-enabled network,
the client broadcasts an address request message. A DHCP server on the network responds to the request,
and through the course of several exchanges, an IP address is negotiated for and delivered to the client.

In a DHCP-enabled network, the Clean Access Server can operate in one of several modes:

•

DHCP passthrough – The CAS propagates the DHCP broadcast messages across its interfaces
without modification.

•

DHCP relay – The CAS forwards messages from clients to another DHCP server.

•

DHCP server – The CAS allocates client IP addresses for the managed (untrusted) network.

In DHCP server mode, the Clean Access Server in Real-IP or NAT Gateway mode provides the services
of a full-featured DHCP server. It can allocate addresses from a single IP pool or from multiple pools
across many subnets. It can assign static IP addresses to particular client devices.

Extensive configuration checking in the web admin console helps to ensure that configuration errors are
detected during configuration rather than at deployment. The admin console includes tools for
auto-generating IP pools, making it easier to create many pools at once.

Auto-generating IP pools as a response to heightened virus activity can help to protect your network. By
segmenting your network into many small subnets, you can isolate clients from one another. Since clients
cannot communicate directly across subnets, all traffic between them is routed through the Clean Access
Server, limiting the ability of worms to propagate over peer-to-peer connections.

When you generate subnetted IP address pools, the Clean Access Server is automatically configured as
the router for the subnet. An ARP entry for the subnet is automatically generated as well.

For static addresses, you can reserve a particular IP address for a particular device by MAC address.