check the topology I share

check the topology I share

@ISSM  hi, my first thought was why you need router between switch and FW, if there is no specific need to do or any inter vlan routing or any other purpose. yu can configure that as a backup devices for firewall (for routing) incase of firewall failure. you are adding unnecessary complexity and hop between your PCs and internet. 

Hello @ISSM,

what about your problem?

If you absolutly need to install the router between the Firewall and the Switch, yoo need ton consider now that you have a "new" L3 equipement between your LAN and the Firewall. 

ISP <Outside Firewall Inside<0/0/0 Router 0/0/1< Switch < LAN

Considering that the LAN subnet is [192.160.0.0/24] and the VLAN ID is 20.

[ROUTER]

interface gig 0/0/1
description --Sub-Int_To_Switch-LAN
no shut
!
interface gig 0/0/1.20
description --SVI-LAN
ip address 192.160.0.1 255.255.255.0
encapsulation dot1q 20
ip heper-adress <IP DHCP SERVER>
no shut
!
interface gig 0/0/0
description --To-Firewall
ip add 10.0.0.1 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 10.0.0.2 name Default_To_Firewall::INSIDE

=> New interco. between Router and Firewall need /30 subnet [10.0.0.0/30]. Then, <IP DHCP SERVER> is 10.0.0.2.

[FIREWALL]

Inside interface: 10.0.0.2 255.255.255.252
Route to LAN: 192.160.0.0 255.255.255.0 10.0.0.1
DHCP server/NAT/Filtering/WAN Interface already configured

As concerned the DHCP Server:

network 192.160.0.0/24
default-router 192.160.0.1 (Gateway of the LAN)
DNS .... etc

[SWITCH]

Interface in front of the Router is a traditionnal Trunk 

The others have already highlighted the issue but let me add some explanation.
DHCP requires layer 2 broadcast in the simplest case - the server and clients in the same subnet/broadcast domain- that's what you had when directly connected to the firewall.
Now you've added the router between them, there's no way for the client DHCP broadcasts to reach the server on the firewall.  Presume you moved the client subnet from firewall to router client facing interface? The easiest way to get the DHCP to the server (firewall) is using DHCP relay which unicasts the client request to the server on behalf of the client.  That's easily done with "ip helper-address <dhcp server ip>" on the client interface of the router and your server (the firewall) must support that too.

If that's too complicated for you to get working you might want to move the DHCP server function to the router itself then no relay required. Example (adjust IP to your local IP subnet and DNS - example uses Google DNS):
ip dhcp bootp ignore
no ip dhcp conflict logging
ip dhcp excluded-address 172.16.0.0 172.16.0.2
ip dhcp pool direct-internet
network 172.16.0.0 255.255.255.0
default-router 172.16.0.1
dns-server 8.8.8.8 8.8.4.4

The excluded address range will be your router interface IP and any other static allocated IP addresses which you don't want DHCP handing out.