does Fortinet provide DHCP conflict detection as Windows does on its DHCP servers?
had an issue today where someone at one time had given a PC an static IP address, and it was in the range of addresses given out via DHCP, and another device was given that address, causing an IP address conflict.
Windows DHCP conflict detection will ping before it gives out the IP address, can fortinet DHCP be set to do that?
The Fortigate does have a DHCP IP leased monitor, which will show removed conflicted IP addresses (towards the bottom of the list) -- though not sure when the detection takes place. But it sounds like the IP address was already leased out when that computer with the static IP came online.
If you need to locate the rouge computer, the Fortigate does have a "get system arp" command that you can use. On the CLI perform a "exec ping <IP address>" then a "get system arp | grep <IP address>" to get the mac address.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Yes, fortigates have a dhcp conflict monitor available. Under 5.2.1, you can adjust the timeout under any DHCP server entry
set conflicted-ip-timeout X
Ken
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.