Is it possible to use DHCP relay to pass SSLVPN IP requests to a true DHCP server instead of just using an SSLVPN Address Pool?
I see in the ssl.root interface, through CLI, the ability to enable DHCP relay, but not sure if this will work or not.
Scenario I've been asked for by a client is DHCP Options for a VOIP phone. They use SSLVPN in tunnel mode for remote connection to their offices. My first thought was, how would the phones be using SSLVPN? It turns out they plug the phone in to their PC (which is connected via tunnel) and the phone expects to get a config file via configured DHCP options. It's a strange setup, for sure - and I've reached back to my client contact to see if there's any other automated way they could put the config details on the phone.
If we check the SLL VPN Guide , page 17:
We have IP addresses for users and DHCP relay of IP address.
If we check DHCP relay of IP address we can see that DHCP relay in SSL VPN is not for the users but for FortiGate.
The FortiGate can get an IP address via DHCP server for SSL VPN services.
If we check ssl vpn setting you do not have any configuration about DHCP.
If you want use DHCP relay, I can recommend you IPSec, please refer IPsec VPN Guide: