i guess your Barracuda is the Default Gateway of your DHCP Server. Right?
Did you see any DHCP Packets from ZD to your DHCP on your FW? If yes, are there also Packets vice versa?
Try to create a static IP Route on your DHCP Server and Route your VLANs 590 and 600 to your ZD. So your DHCP should return his DHCP Offer to your ZD.
Maybe you should also temporary create a Rule on your Barracuda to allow traffic with all Ports from ZD to DHCP and vice versa. If everything works you can change the Firewall Rule to allow only Port UDP 67.
Maybe it works.
In the past i always did DHCP Relaying on my Default Gateway. This is because i never ran into this issue by myself.
unfotunatelly i don't know exaclty how DHCP Relay with ZD works.
Like i wrote i my Default Gatway (most of my Installations the L3 Core Switch) did this part. Maybe you should try this also.
On another Thread i found this:
"To make DHCP relay on ZD you must configure on ZD menu first. Login to your ruckus ZD, then choose menu configure-DHCP Relay then create new fill Name, fill Description, IP Addess DHCP-fill first IP Address DHCP server and second IP Address DHCP server. Then second you need to configure your ip dhcp helper on your switch L2/L3 to connected ZD and Access Point to mapping your DHCP server to your ZD, you also must check your routing that ZD must connected to your DHCP server, test by ping IP Address DHCP Server from ZD with tool ping. As my experience installation DHCP relay on ZD. I must add command at my switch L3 with ip dhcp helper ip address. After I add command ip dhcp helper then I test connect to AP Ruckus, my notebook client get IP Address from DHCP server."
additional Info from ZD Help:
The traffic flow is as follows:
- Client sends DHCP discover broadcast.
- AP tunnels this DHCP discover frame to ZoneDirector.
- DHCP Relay Agent sends unicast DHCP discover packet to DHCP server.
- DHCP server sends DHCP offer to Relay Agent on ZoneDirector.
- ZoneDirector sends DHCP Offer back to the AP.
- AP sends this Offer to client.
So i think there is no need to create a DHCP Helper on your Switch/FW.
The big question (for me) is, how your DHCP Server should be able to know, from which Scope he should offer an IP. Maybe your ZD relay the DHCP Discover frame with his IP from your Management VLAN 700. Your DHCP gets the frame, looks "inside" and see the relaying IP from your ZD. Because your DHCP Server did not have a configured Scope for this Network (VLAN 700) he also can't offer an DHCP IP.
I don't know how else your DHCP should be able to know, from which Scope he should give you a DHCP IP.