Skip to main content
lsaroukhani
Staff
lsaroukhani
Staff
May 11, 2026

Technical Tip: How to collect status of DHCP snooping on a managed FortiSwitch from FortiGate CLI

  • May 11, 2026
  • 0 replies
  • 45 views

Description

This article describes how to collect status of DHCP snooping on a managed FortiSwitch from the FortiGate CLI.

Scope

Managed FortiSwitch, FortiGate.

Solution

Collect DHCP snooping client and server information with the command 'diagnose switch-controller switch-info dhcp-snooping status <FortiSwitch serial number>' command.


In the output below, one FortiAP is connected to FortiSwitch port2. The Access point received a DCHP lease of 10.8.8.2 from the DCHP server 10.8.8.8 on VLAN 3.


# diagnose switch-controller switch-info dhcp-snooping status S108EPXXXXXXXXXX
S108EPXXXXXXXXXX:
Client db:
S    MAC Address    VLAN      Client IP        Lease Time(D:H:M:S)      Expiry Time(D:H:M:S)        Interface        Host Name      Domain Name       Vendor         Server IP
 e8:1c:ba:96:19:78   3        10.8.8.2             7:0:0:0                  6:23:59:16               port2                                       FortiAP-FP423E      10.8.8.8
Server db:
mac        vlan          ip            interface          status           svr-state          last-seen-time             expiry-time         OFFER/ACK/NAK/OTHER
e0:23:ff:fc:bc:07   3        10.8.8.8      GT61EXXXXXXXXXX       trusted          disabled         2026-05-07 11:41:50       2026-05-08 11:41:50        2/59/0/0


Collect DHCP snooping configuration details with the 'diagnose switch-controller switch-info dhcp-snooping  database <FortiSwitch Serial Number> command:

# diagnose switch-controller switch-info dhcp-snooping database S108EPXXXXXXXXXX
S108EPXXXXXXXXXX:
snoop-enabled-vlans             : 
verifysrcmac-enabled-vlans      :
option82-enabled-vlans          :
option82-trust-enabled-intfs    :
trusted ports    :GT61EXXXXXXXXXX GT61EXXXXXXXXXX
untrusted ports  : port1 port2 port3 port4 port9 port10
Max Client Database Entries      : 512
Client Database          : 1
Max Server Database Entries      : 128
Server Database          : 1
Limit Database           : 1 / 256
DHCP Global Configuration:
==========================
DHCP Broadcast Mode              : Trusted
DHCP Allowed Server List         : Disable
Add hostname in Option82         : Disable


Related articles:

    Terms & ConditionsAccessibility statement