FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sagha
Staff
Staff
Article Id 190900
Description
It is not possible to configure DHCP under VPN tunnel interfaces directly in v6.2.x when configured initially.

This was possible in earlier version.





Solution
DHCP for the VPN tunnel interface needs to be done via CLI the first time.
# config system interface
    edit "dial_up_vpn"
        set vdom "root"
        set ip 192.168.16.254 255.255.255.255
        set allowaccess ping
        set type tunnel
        set remote-ip 192.168.16.254 255.255.255.255
        set snmp-index 8
        set interface "wan1"
    next
end

# config system dhcp server
    edit 6
        set dns-service default
        set default-gateway 192.168.16.254
        set netmask 255.255.255.0
        set interface "dial_up_vpn"

            # config ip-range
                edit 1
                    set start-ip 192.168.16.1
                    set end-ip 192.168.16.250
                next
            end
        set timezone-option default
        set server-type ipsec
    next

end
Once the initial configuration is carried out via CLI, it is possible to configure DHCP directly under the tunnel interface.



Related Articles

Technical Tip: DHCP IP address reservation with Dial up IPsec VPN

Contributors