if you are supporting dynamic ip addressing, you must choose routed configuration.

    if you choose the dynamic host configuration protocol (dhcp) option, the firebox will request its ip address, gateway, and netmask from a

    dhcp server managed by your internet service provider (isp). this server can also provide wins and dns server information for your firebox. if it does not, you must add it manually to your configuration, as described in “entering wins and dns server addresses” on page 58.

    you can also change the wins and dns values provided by your isp, if necessary.

    point-to-point protocol over ethernet (pppoe) is also supported. as with dhcp, the firebox initiates a pppoe protocol connection to your isp’s pppoe server, which automatically configures your ip address, gateway, and netmask. however, pppoe does not propagate dns and wins server information as dhcp does.

    if you are using pppoe on the external interface, you will need the ppp user name and password when you set up your network. both username and password each have a 256-byte capacity.when the firebox is configured such that it obtains its ip addresses dynamically, the following functionality (which requires a static ip address) is not supported unless you are certain that the dynamic ip settings sent by your isp will not change:

    1?high availability (not supported on firebox 500)

    2?drop-in mode

    3?1-to-1 nat

    4?enabling the firebox as a dvcp server

    5?bovpn using basic dvcp (not supported on factory default firebox 500)

    6?muvpn

    7?ruvpn with pptp

    regardless of whether the ip settings are stable, 1-to-1 nat and external aliases are not supported when the firebox is a pppoe client, and manual ipsec tunnels are not supported when the firebox is a dhcp or pppoe client.