Description |
This article describes a workaround where the DHCP client can get an IP address from the DHCP server (upstream device) when the FortiGate is in policy-based mode, and a software switch is being used to aggregate interfaces to interconnect the client and the DHCP server.
Topology: Laptop (DHCP Client) -> Switch -> FortiGate Software Switch interfaces -> Router (DHCP Server)
When configuring the software switch interface, there are two intra-switch policy options:
If the implicit option is chosen, everything will work fine. Otherwise, stumble on the following issue:
|
Scope |
FortiGate v5.6 and above. |
Solution |
The current workaround is choosing the implicit intra-switch policy, instead of the explicit policy.
When the software switch interface is already created, the intra-policy mode cannot be changed. So, it is necessary to remove all the references from the software switch interface, delete it, and then set the option 'Implicit' while re-creating it.
|
Very Useful information! Great job.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.