VThipparthi
Staff
Article Id 217904
Description: This article describes how to troubleshoot clients that are not getting IP addresses from bridged SSIDs.
Scope: FortiGate, all firmware.
Solution

Check if DHCP is enabled on the VLAN interface that is configured as the bridge SSID.

 


 

If yes, run the following sniffer command:

  

   diag sniffer packet <interfacename> 'port 67 or port 68' 4 0 l 

 

VThipparthi_1-1658177856273.png

 

In the above screenshot 'Test1' is the VLAN interface name.

 

If no traffic is seen, FortiGate is not receiving any DHCP discover packet from the client.

If there is a switch between FortiGate and the client, and the DHCP offer packet is not reaching the client, check whether DHCP snooping is enabled on the switch.

 

config switch vlan
    edit <vlan-id>
        set dhcp-snooping enable
    next
end

 

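If the switch is a FortiSwitch, try setting the port that faces the FortiGate interface as a trusted port. With DHCP snooping enabled, DHCP server replies that arrive on an untrusted port are dropped, so the offer never reaches the client.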

 

config switch-controller managed-switch
    edit <FortiSwitch_serial_number>
        config ports
            edit <port_name>
                set dhcp-snooping trusted    {options are 'trusted | untrusted'}
            next
        end
    next
end
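
The reading of the sniffer capture described above can be scripted. The following is an added example, not part of the original article or Fortinet tooling: it assumes the verbosity-4 line shape shown in the comment, uses constructed sample captures, and the names `classify`, `diagnose` and `NEXT_STEP` are hypothetical.

```python
import re

# Assumed line shape for 'diag sniffer packet <if> ... 4 0 l' output:
# "<date> <time> <iface> <in|out> <src>.<sport> -> <dst>.<dport>: udp <len>"
LINE = re.compile(
    r"^\S+ \S+ (?P<iface>\S+) (?P<dir>in|out) "
    r"\S+\.(?P<sport>\d+) -> \S+\.(?P<dport>\d+): udp \d+"
)

# Next step for each outcome, taken from the article's procedure.
NEXT_STEP = {
    "no-discover": "FortiGate is not receiving the client's discover packet",
    "no-reply": "check that DHCP is enabled on the VLAN interface",
    "reply-sent": "check DHCP snooping / trusted port on the switch in between",
}

def classify(capture, iface):
    """Return (client packets received, server replies sent) on iface."""
    from_client = to_client = 0
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m or m["iface"] != iface:
            continue
        ports = (m["sport"], m["dport"])
        if m["dir"] == "in" and ports == ("68", "67"):
            from_client += 1      # client -> server (discover/request)
        elif m["dir"] == "out" and ports == ("67", "68"):
            to_client += 1        # server -> client (offer/ack)
    return from_client, to_client

def diagnose(capture, iface):
    from_client, to_client = classify(capture, iface)
    if from_client == 0:
        return "no-discover"
    return "reply-sent" if to_client else "no-reply"

# Constructed sample captures (not taken from a real device).
NO_REPLY = """\
2022-07-18 14:02:11.104233 Test1 in 0.0.0.0.68 -> 255.255.255.255.67: udp 300
2022-07-18 14:02:15.118870 Test1 in 0.0.0.0.68 -> 255.255.255.255.67: udp 300
"""
REPLY_SENT = NO_REPLY + """\
2022-07-18 14:02:15.120012 Test1 out 192.0.2.1.67 -> 192.0.2.10.68: udp 300
"""

if __name__ == "__main__":
    for name, cap in (("silent", ""), ("no reply", NO_REPLY), ("reply", REPLY_SENT)):
        result = diagnose(cap, "Test1")
        print(f"{name}: {result} -> {NEXT_STEP[result]}")
```

Verbosity 4 does not decode the DHCP message type, so the script separates client and server packets by UDP port and direction only.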