Connected devices are not able to get an IP address from the DHCP server configured on FortiGate's interface and get the following error using the DHCP debug command.

diagnose debug reset
diagnose debug application dhcps -1
diagnose debug enable

SC-FG100F # [debug]locate_network prhtype(1) pihtype(1)

[warn]Can't locate subnet in shared network of packet and packet is not a DHCPREQUEST and htype(1) != intf htype(1)..dropping

[debug]locate_network prhtype(1) pihtype(1)

This could be because vci-match is enabled and vci-string is configured on that interface’s DHCP server.

For example:

config system dhcp server

    edit 1

        set dns-service default

        set default-gateway 10.2.2.131

        set netmask 255.255.255.0

        set interface "port3"

            config ip-range

                edit 1

                    set start-ip 10.2.2.133

                    set end-ip 10.2.2.133

                    set vci-match enable

                    set vci-string "FortiSwitch"

                next

In this example, devices that match vci-string 'FortiSwitch' only would be able to connect otherwise will not get an IP.

The solution would be to either disable the vci-match or configure an appropriate vci-string.

config system dhcp server

    edit 1

        config ip-range

            edit 1

                set vci-match disable

        end

end

Or:

config system dhcp server

    edit 1

        set vci-match disable

    next

end

Note: After disabling vci-match the end system runs the below commands and clears the DHCP process, post that the end system got DHCP IP from the DHCP pool.

Type 'ipconfig /release' (no quotes) and press 'Enter'. Once the prompt returns, type 'ipconfig /renew' (no quotes), then hit 'Enter'.

Related document:

VCI pattern matching for DHCP assignment