Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
LEO08
New Contributor

DHCP setup question

Hello,

 The Fortigate NGFW we are using in our current location is a 60D. The 60D is being used as the main firewall, DHCP and DNS device. I have been tasked to separate 2 departments into different networks but keep the same DHCP scope for the new networks. My plan is to divide these departments into VLANs however I don’t know if/how you can setup the Fortigate to provide one DHCP scope to separate VLANs.

Can I setup one VLAN to relay DCHP to the other VLAN?

1 Solution
rwpatterson
Valued Contributor III

Your best bet would be to 'fake out' the upper management, and split a class C in half. One VLAN gets the bottom half of the 25 bit subnet, the other VLAN the top. To the unknowledged it looks to be the sane subnet, but they are truly two unique subnets.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

View solution in original post

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
5 REPLIES 5
Toshi_Esumi
SuperUser
SuperUser

I don't think you can, not because of FG, but two different boradcast domains (like VLANs in your case) need to have two different subnets and gateways then only Layer3 router can let them talk each other. To me 1 broadcast domain = 1 DHCP scope.

boneyard

i agree with Toshi Esumi, not possible because of how networking works.

 

why do you want separate VLANs but the same IP range, that will only cause issues.

 

how about two VLANs with different IP ranges and different DHCP scopes?

rwpatterson
Valued Contributor III

Your best bet would be to 'fake out' the upper management, and split a class C in half. One VLAN gets the bottom half of the 25 bit subnet, the other VLAN the top. To the unknowledged it looks to be the sane subnet, but they are truly two unique subnets.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
LEO08

I agree with you all but rwpatterson got it right.. Upper management wants both VLANs to be on the same DHCP scope. I'm going to try to split the class C network into 2 scopes( thanks rwpatterson)

Toshi_Esumi

I guess this is your upper management's educational opportunity. 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors