configure iphelper on fortigate

Question

HI i am really new to fortigate or any firwall technologies. so do applogise for any miss leading information.. basically we are planning to move our antivirus server (kasperski) to a new OS 2019. so i was wondering do i need to configure iphelper/ip routing address point to the new server on fortigate so it will be the new PXE server. or does it od it automatically when i install kasperski.

we are using windows DHCP. and all the pc are on the same subnet.

we are using fortigate 200E which is our firewall as a the gateway.

lobstercreed · Answer

You have a lot of confusing or outright contradictory information in this post. "iphelper" is what you program on a router to point to a DHCP server that is not on the same subnet as the hosts that are DHCP clients. It is done per subnet, and usually done on the router that serves as the default gateway for those hosts. In this case it sounds like that would be done on the FortiGate, and must already work if you are using a Windows DHCP server.

Settings that are programmed via DHCP, such as PXE server, are programmed on the DHCP server itself and have nothing to do with the router where iphelper is programmed. The only time you would change the iphelper is if the DHCP server was moving. So if you just need to update the PXE server and you're using a Windows DHCP server, you need to update it on the Windows DHCP server for all relevant scopes(subnets).

If you were using the FortiGate to actually *serve* DHCP and *not* act as an "iphelper", then you would need to change the PXE server setting in the DHCP options on the appropriate interfaces; this would have nothing to do with iphelper settings because they would not exist in this scenario.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded