| Description | This article describes how to configure the DHCP server on FortiGate to proper send the TFTP server to provision IP phones. |
| Scope | FortiGate, FortiOS v6.4, v7.0, v7.2. |
| Solution |
Some IP phones need to receive a TFTP server IP on the DHCP OFFER. Most of the IP phones take this parameter as DHCP option 43 with sub-option 66.
This can be configured in FortiOS as follows:
config system dhcp server edit 3 set lease time <number of seconds> config ip-range edit 1 set start-ip <x.x.x.x> next end config options edit 1 set code 43 next end set dns-server1 <dns server IP> next end end
The above configuration sends the DHCP OFFER the TFTP IP 172.16.32.1 as option 43 suboption 66. The HEX string '4204ac102001' should be interpreted as follows:
42 = 66 in decimal <- Sub-option 66. 04 = 04 in decimal <- Next 4 bytes. AC = 172 in decimal 10 = 16 in decimal 20 = 32 in decimal 01 = 01 in decimal
The generated DHCP offer seen from Wireshark should look like the following:
The capture shows the string from the HEX dump with the preamble '2B 06' which is option 43, 6 bytes length. The TFTP IP is not displayed in Wireshark as option 43 is a generic vendor specific option, so it could contain anything: Wireshark is not able to understand how to parse the HEX string. |
