Technical Tip: Gateway configuration for DHCP and PPPOE SD-WAN members
Description
This article shows how to configure the gateway for DHCP and PPPOE SDWAN members.
Scope
FortiGate.
Solution
Pre-requisite:
Make sure the DHCP interface status shows as Connected.
 
Configuration example in CLI:
config system interface
edit "port4"
set vdom "root"
set mode dhcp
set allowaccess ping https ssh http telnet fgfm
set type physical
set lldp-reception enable
set role wan
set snmp-index 4
next
end
If an interface is configured to use DHCP or PPOE and added to an SD-WAN interface, select 'Dynamic' for Gateway, as the gateway is learned dynamically through the DHCP process.
The SD-WAN member configuration should be:
 
Through CLI:
FGT-HUB # config system sdwan
FGT-HUB (sdwan) # config members
FGT-HUB (members) # edit "1"
FGT-HUB (1) # show
config members
edit 1
set interface "port4"
set zone "underlay"
next
end
Extra caution should be taken if the DHCP interface is added first and is the only underlay interface, as adding the DHCP interface as an SD-WAN member will erase the dynamically added default route added through the DHCP process. To overcome this, before adding the DHCP interface as an SD-WAN member, it is necessary to add a default static route pointing to the DHCP interface:
 
Through CLI:
FGT-HUB # config router static
FGT-HUB (static) # edit "2"
FGT-HUB (2) # show
config router static
edit 2
set device "port4"
set dynamic-gateway enable
next
end
After adding the DHCP interface to SDWAN, you can modify the created default static route to use the SD-WAN interface. The SD-WAN interface cannot be used in routing before adding a member.