DiegoBernardelli
Article Id 310376
Description This article describes how to configure the DHCP server on FortiGate to hand out the TFTP server's IP address so that IP phones can be provisioned.
Scope FortiGate, FortiOS v6.4, v7.0, v7.2, v7.4 and v7.6.
Solution

Some IP phones need to receive a TFTP server IP in the DHCP OFFER. Most of the IP phones take this parameter as DHCP option 43 with sub-option 66.
This can be configured in FortiOS as follows:
config system dhcp server
    edit 3
        set lease-time <number of seconds>
        set default-gateway <DG IP>
        set next-server <next server IP>
        set netmask <y.y.y.y>
        set interface <interface name>
        config ip-range
            edit 1
                set start-ip <x.x.x.x>
                set end-ip <x.x.y.y>
            next
        end
        config options
            edit 1
                set code 43
                set value "4204ac102001"
            next
        end
        set dns-server1 <dns server IP>
    next
end
The above configuration sends the DHCP OFFER with the TFTP IP 172.16.32.1 as option 43, sub-option 66.

The hex string '4204ac102001' should be interpreted as follows:

42 = 66 in decimal <- sub-option 66 (TFTP server address).
04 = 4 in decimal <- length of the data that follows: 4 bytes.
AC = 172 in decimal <- first octet of the TFTP IP.
10 = 16 in decimal <- second octet.
20 = 32 in decimal <- third octet.
01 = 1 in decimal <- fourth octet.

The generated DHCP offer seen from Wireshark should look like the following:

[Figure dhcp_offer.PNG: Wireshark decode of the generated DHCP offer]

The capture shows the string in the hex dump preceded by '2B 06': 2B is option 43 and 06 is its length, 6 bytes.

Wireshark does not display the TFTP IP inside option 43 because option 43 is a generic vendor-specific option that could contain anything; Wireshark has no way of knowing how to parse the hex string.
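As an added example (not part of the Fortinet article), the following Python builds the sub-option 66 hex string for any TFTP IP, as used by 'set value' above, and decodes a raw option 43 value such as the '2B 06 42 04 AC 10 20 01' bytes seen in the capture, i.e. the parsing Wireshark does not do for this option. The captured bytes are constructed inline and the function names are my own.

```python
# Added example (not from the Fortinet article): encode/decode the option 43
# payload so the hex string can be generated for any TFTP IP and a captured
# option 43 value can be checked against the intended sub-options.
import ipaddress

TFTP_SUBOPTION = 66        # sub-option carrying the TFTP server IP (0x42)
DHCP_OPTION_VENDOR = 43    # vendor-specific information option (0x2B)


def encode_suboption(code: int, data: bytes) -> bytes:
    """One TLV entry inside option 43: 1-byte code, 1-byte length, data."""
    if not 0 < code < 255 or len(data) > 255:
        raise ValueError("sub-option code/length out of range")
    return bytes([code, len(data)]) + data


def tftp_option43_value(tftp_ip: str) -> str:
    """Hex string for 'set value' under 'config options' for a given TFTP IP."""
    packed = ipaddress.IPv4Address(tftp_ip).packed          # 4 bytes
    return encode_suboption(TFTP_SUBOPTION, packed).hex()   # e.g. 4204ac102001


def decode_suboptions(payload: bytes) -> dict:
    """Walk the TLV list inside option 43, rejecting truncated entries."""
    out, i = {}, 0
    while i < len(payload):
        if payload[i] == 255:        # optional end marker
            break
        if i + 2 > len(payload):
            raise ValueError("truncated sub-option header")
        code, length = payload[i], payload[i + 1]
        data = payload[i + 2:i + 2 + length]
        if len(data) != length:
            raise ValueError(f"sub-option {code} claims {length} bytes, got {len(data)}")
        out[code] = data
        i += 2 + length
    return out


def tftp_ip_from_option43(option: bytes) -> str:
    """Take the raw option as seen in the frame (0x2B, length, payload)."""
    if len(option) < 2 or option[0] != DHCP_OPTION_VENDOR:
        raise ValueError("not a DHCP option 43")
    length = option[1]
    payload = option[2:2 + length]
    if len(payload) != length:
        raise ValueError("option 43 length does not match the frame")
    subs = decode_suboptions(payload)
    return str(ipaddress.IPv4Address(subs[TFTP_SUBOPTION]))
```

Feeding the constructed capture bytes '2b064204ac102001' to tftp_ip_from_option43 returns 172.16.32.1, matching the value the article's configuration is meant to deliver.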
How to enable PXE boot options on FortiGate DHCP.

This lets the FortiGate DHCP server point client devices at the TFTP/boot server that holds their configuration parameters. This is normally achieved with the next-server command under config system dhcp server.

For example, it is possible to create a PXE boot environment for a VoIP server, and FortiGate will use the next-server command to tell the client where to find the next bootstrap server or the server that hosts the TFTP instance.
config system dhcp server
    edit 3
        set ntp-service default
        set default-gateway 172.10.1.1
        set next-server 172.20.0.1    <- Specifies the TFTP/boot server (commonly used in PXE boot environments).
        set netmask 255.255.255.0
        set interface "port5"
        config ip-range
            edit 1
                set start-ip 172.10.1.50
                set end-ip 172.10.1.240
            next
        end
        set dns-server1 172.30.50.254
        set dns-server2 172.30.50.253
    next
end
All DHCP clients for VoIP phones will point to the TFTP server 172.20.0.1 to begin the boot and register with the VoIP server.
Related document:

config system dhcp server