FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
oamin
Staff
Staff
Purpose
This article illustrates one method to avoid IP address conflicts on a FortiGate unit.

Scope
FortiGate is being used as a DHCP server

Expectations, Requirements
Background:
IP address assignments to end devices should be unique. 
Most devices will only hold a single ARP entry for a given IP address.  If two or more devices are configured to use the same IP address on the network, this is called an IP address conflict and results in intermittent connectivity issues.


Common Causes:
Typically IP conflicts are caused when either:
- 2 devices were accidentally configured with the same static IP address
- A device was accidentally configured with a static IP address that belongs to the DHCP pool
- 2 DHCP servers accidentally have pools in the same range of IP addresses, and are each independently assigning their clients the same IPs

DHCP conflict detection in FortiOS:

FortiGates unit have a DHCP conflict monitor available.
Adjust the timeout under any DHCP server entry.

#config  system dhcp server
    edit 1
        set conflicted-ip-timeout <60 ~ 8640000 seconds (1 minute ~ 100 days)>
    next
end

Contributors