Created on 01-26-2010 08:32 AM Edited on 12-16-2021 02:39 PM By Anonymous
Description
When a DHCP server is configured on a FortiGate port or VLAN, the DHCP IP Range must be in the same subnet as the port or the VLAN IP subnet.
If a secondary IP address is added to the port or the VLAN, the DHCP IP range can NOT belong to this secondary IP subnet.
Scope
All FortiOS
Solution
Example of port configuration :
config system interface edit "port2" set vdom "root" set ip 10.10.10.1 255.255.255.0 set type physical config secondaryip edit 1 set allowaccess ping set ip 10.11.11.1 255.255.255.0 next end next end |
Corresponding DHCP configuration example :
config system dhcp server edit "DHCP server net_10" set default-gateway 10.10.10.1 set interface "port2" set lease-time 300 set netmask 255.255.255.0 set end-ip 10.10.10.101 set start-ip 10.10.10.100 next end |
This DHCP setting will *not* work :
set end-ip 10.11.11.101 set start-ip 10.11.11.100 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.