FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description It is not possible to configure DHCP under VPN tunnel interfaces directly in v6.2.x when configured initially.
This was possible in earlier version.
Solution DHCP for the VPN tunnel interface needs to be done via CLI the first time.
# config system interface edit"dial_up_vpn" set vdom "root" set ip 192.168.16.254 255.255.255.255 set allowaccess ping set type tunnel set remote-ip 192.168.16.254 255.255.255.255 set snmp-index 8 set interface "wan1" next end
# config system dhcp server edit 6 set dns-service default set default-gateway 192.168.16.254 set netmask 255.255.255.0 set interface "dial_up_vpn" # config ip-range edit 1 set start-ip 192.168.16.1 set end-ip 192.168.16.250 next end set timezone-option default set server-type ipsec next end
Once the initial configuration is carried out via CLI, it is possible to configure DHCP directly under the tunnel interface.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.