Description
This article describes steps to define an excluded range.
Scope
FortiGate.
Solution
FortiGate DHCP server is used to assign an IP address and other information to each host on the network so it can communicate efficiently with other endpoints.
From the GUI, defining the DHCP address range and MAC address reservation is possible.
If a large address range is set for the DHCP server, and if excluding specific IP or a range of addresses is needed, that will not be assigned to the connecting client to configure the excluded range in the DHCP server settings from the CLI.
config system dhcp server
edit <server_entry_number>
config exclude-range -> Exclude one or more ranges of IP addresses from being assigned to clients.
edit <sequence_number>
set start-ip <address>
set end-ip <address>
end
end
end
For example, let’s assume the DHCP client address range has been defined as 192.168.1.2 to 192.168.1.254.
Exclude IP 192.168.1.3 and address range 192.168.1.10-192.168.1.20 from getting assigned to any DHCP client by the FortiGate DHCP server to exempt these IPs in the DHCP server settings.
config system dhcp server
edit 1
config exclude-range
edit 1
set start-ip 192.168.1.3
set end-ip 192.168.1.3
next
edit 2
set start-ip 192.168.1.10
set end-ip 192.168.1.20
next
edit 1
config exclude-range
edit 1
set start-ip 192.168.1.3
set end-ip 192.168.1.3
next
edit 2
set start-ip 192.168.1.10
set end-ip 192.168.1.20
next
end
