Technical Tip: FortiGate observing logs for DHCP/D...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 390304

Description

This article describes the steps to troubleshoot a FortiGate DHCP/DHCPRelay Logs observed under local traffic logs where the interface is not configured with the DHCP Server or DHCP Relay feature.

Scope

FortiGate.

Solution

The FortiGate is configured to log all Local traffic logs:

There are logs recorded for DHCP/DHCP Relay in Local Traffic Logs, and it was observed on Port2:
However, Port2 is not configured to function as a DHCP Server or a DHCP relay agent:
Further investigation on the Local Logs indicates that the DHCP/DHCP Relay packets have been dropped by FortiGate:

This indicates that DHCP packets were received on FortiGate Port2 from other devices in the network. It is an expected behavior for FortiGate to drop the DHCP packet as the interface has not been enabled with DHCP server feature or DHCP relay agent feature.

1065

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: FortiGate observing logs for DHCP/DHCP Relay despite interfaces is not enabled with DHCP Server or DHCP Relay Feature

You are leaving our website