Every few months some users can't connect to our Wifi network ( running out of 255 ip addresses )?
I've inherited a fortigate 60E in a business location. The owners say every few months people can't connect to the wifi network. The business gets dozens of people a day who connect to the Wifi. So my suspicion is the Fortigate is hitting some limit of 255 192.168.1.X ip addresses? In the past I would tell them to reboot the Internet modem going into the fortigate. That would clear things up. But now looking to get to the bottom of this and solve it :)
Here's what I see in the settings below. Ignore the "Guest Wifi VLAN" as nobody uses that as it does not work. Folks connect to the regular Wifi network and get a 192.168.1.x address.
Most likely a DHCP lease time issue. Set the DHCP lease time to something really short like 30 minutes. Especially if this wi-fi network services visitors who come and go. That way DHCP leases won't be stuck and filling up the table preventing new leases for new visitors.
If it's a concurrent connection issue (i.e. you have >255 users at once on the network) you need to increase the subnet size.
Thanks. Whereabouts in the web GUI for the fortigate 60e can I edit the DHCP lease settings? At most we will have 50 concurrent users so I guess no need to increase the subnet size. However we have staff who connect to the Wifi everyday. Will changing the lease to 30 minutes potentially adversely affect them?
Thanks, I am using this version of the GUI. I am very nervous about making any changes via command line as I don't want to risk breaking anything.. Would prefer if I can post screenshots of what I want to do before actually doing them :)
I don't think I see any options for DHCP lease in our GUI. However, I am not sure I am looking at the right place. In the guide you linked to it says, "On low-end FortiGate units, a DHCP server is configured on the internal interface". So if I "Edit" the internal interface I get the options below.
If I have to do via command line what would I have to enter for the values:
Again, I am very nervous one wrong entry is going to break the whole system...
config system dhcp server
set interface <interface>
set netmask <netmask>
set lease-time <seconds>
Ah ok, think I found it after scrolling down! Seems it is set to 1 week. I will change it to 1 day ( 86400 ) unless you think otherwise . I know you mentioned 30 minutes, but seems 1 day should work, no?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.