Help
FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
sjerry
Staff
Staff

Created on ‎10-20-2025 11:10 AM

Article Id 415502

Troubleshooting Tip: DORA packet review in the newer Kea DHCP format

Description

This article describes ways to assist troubleshooting of DHCP in the newer Kea DHCP format in nacOS 7.6.3+.
Scope FortiNAC-F 7.6.3+.
Solution

A complete DHCP cycle looks like the following: 

 
DHCPDISCOVER is sent from Host to NAC
DHCPOFFER  is sent from NAC to Host
DHCPREQUEST  is sent from Host to NAC
DHCPACK from NAC to Host


Make sure the service is active and running:

 

execute service status kea-dhcp4


service.png
Run the following in the nacOS CLI to see the DORA process:

 

execute tcpdump -i port2 -v 'port 67 or port 68' 

DO.png
RA.png

Use a packet capture application to filter against specific MACs to simplify troubleshooting:

dhcp.png
85
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.