Hi All,
May sound stupid, but I'm still new with Forti. I've got a FW I built over a year ago, and need to go back and alter DHCP addressing options for some of the VLANs which are members of a ZONE. I cant seem to be able to do this anywhere in the GUI, whilst I can for network interfaces which aren't members of zones.
Is this normal, or am I missing an options screen anywhere? Is this a CLI only config?
Whether it's a member of a zone or not should have no bearing on the options available for DHCP. The VLAN interface should still appear as a subinterface of the physical interface it is tagged on.
I can see the VLANs listed as sub interfaces - but nowhere do I get the options to admin DHCP for them? I can't see anything under interfaces or objects either, and don't see VLANs listed anywhere else.
Not sure what FortiOS you're on -- might be relevant but I've had no trouble with this in recent memory (6.0 and up). Here's the admin guide for 6.4 (what I run)
https://docs.fortinet.com/document/fortigate/6.4.0/administration-guide/783526/dhcp-server
You say you can see the VLANs listed as subinterfaces -- what does the screen look like when you edit the subinterface? Should be exactly the same as any physical interface -- do you see the DHCP options under a physical interface?
No, I only see DHCP options when administering an interface which isn't a member of a ZONE. All of the VLANs which are member of Zone, there is literally nothing listed in ability to admin DHCP DHCP is working for all of the VLANs, with whatever options I set originally when I built this FW around 18 months back. I can also view DHCP clients by clicking on the VLANs listed under a zone, and then set reservations.
I just have no way to go back in and edit the DHCP server ranges themselves, or even see them anywhere!
The VLANS listed under object / addresses have no way to edit here also.
It really is bizarre.
None of these screenshots are the interface edit screen. Are you sure you're going to the correct place (i.e. the interface edit screen)? See mine below. It is no different whether it is a member of a zone or not (mine is, btw). You have to edit the interface under the physical interface it is attached to.
OK, very embarrassing, but for anyone like me who has started wearing glasses for the last few months and works on a small laptop with Hi Res dispay, you may laugh. Under interfaces, CORE has a tiny little cross next to it, which collapses by default each view refresh... Seeing the VLANS listed under zones was the red herring!
bump for this! I can't find anything in the admin guide, or even online. I feel like i must be missing something obvious, or a GUI view has something hidden from me? It hasn't been urgent up till now, but need to get this adjusted now.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.