my DHCP server is in 192.168.8.0 network, i also configure my switch for IP HELPER, my question is what policies i need to create in the firewall for the DHCP service applicable to all VLANs i have
Since the GW is not the DHCP server you will need to configure DHCP Relay. Information on that can be found in sk104114. Please read all sections.
I noticed that you have an IP Address configured on both the physical interface eth1 and on the VLANs eth1.10 and eth1.20. According to sk88700 "it is mandatory to remove an IP address from a physical interface before creating any VLAN interfaces on that physical interface."
thank you, say no more IP, what are those policies to be created?
The policies are described in the SK that Kyle linked to.
As you are using IP-Helper on the SWITCH and not on the gateway, all you need to take care of in the rulebase is DHCP-Relay from switch to the DHCP server. This traffic will be sent by the switch on it's management interface to the DHCP server, so that is where you will need to see for the need of any rules.
If this is not passing through the Firewall, when the switch and DHCP server are in the same network, there is no need for any rules.
The SK is referring to the Firewall being the DHCP Relay server.
Make sure to allow the DHCP relay trffic from switch to DHCP server but alos the return traffic needs to be allowed separately.
Retrieving data ...