Configuring DHCP Relay service on the FortiGate unit

Configuring DHCP Relay service on the FortiGate unit

If the clients are configured to obtain a IP address using DHCP relay, configure the FortiGate server as below:

To configure DHCP relay on the FortiGate unit
  1. Go to System > Network > Interfaces and select Interface want to configure DHCP relay.
  2. Enable DHCP Server in the interface and choose Advanced
  3. For Mode, select Relay.
  4. In Type select Regular.
  5. Select OK.
  6. If a router is installed between the FortiGate unit and the DHCP server, define a static route to the DHCP server.

Note : Sometimes it is required to specify more than one DHCP relay IP, to allow for the coverage of additional LAN subnets. Although the Web Based Manager (GUI) does not provide an option to configure this, it is possible to set up to 8 IPs from the CLI.

      config system interface
            edit <REQUIRED_INTERFACE_HERE>
              set dhcp-relay-ip <FIRST_IP> <SECOND_IP> ....<EIGHTH_IP>
            end
       end

In sone case the Advanced... option do not show in the Web UI. We can enable with the command below:

config system global   
     set gui-dhcp-advanced enable
end

Troubleshooting – DHCP

The following commands are used to best troubleshoot the DHCP process:
#diag debug en
#diag debug console timestamp en
The following is used if we use IPSec DHCP relay
#diag debug app dhcprelay 7
The following is used if we are using IPsec DHCP Server
#diag debug app dhcps 7

Nhận xét

Bài đăng phổ biến từ blog này

CLEANING UP THE ZABBIX DATABASE

Stuxnet Trojan - Memory Forensics with Volatility | Part I