FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Purpose This article illustrates one method to avoid IP address conflicts on a FortiGate unit.
Scope FortiGate is being used as a DHCP server
Expectations, Requirements Background: IP address assignments to end devices should be unique. Most devices will only hold a single ARP entry for a given IP address. If two or more devices are configured to use the same IP address on the network, this is called an IP address conflict and results in intermittent connectivity issues.
Common Causes: Typically IP conflicts are caused when either: - 2 devices were accidentally configured with the same static IP address - A device was accidentally configured with a static IP address that belongs to the DHCP pool - 2 DHCP servers accidentally have pools in the same range of IP addresses, and are each independently assigning their clients the same IPs
DHCP conflict detection in FortiOS:
FortiGates unit have a DHCP conflict monitor available. Adjust the timeout under any DHCP server entry.
#config system dhcp server edit 1 set conflicted-ip-timeout <60 ~ 8640000 seconds (1 minute ~ 100 days)> next end
