- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
External DHCP for SSL VPN users
I have a FortiGate FGT200F device running firmware 7.* and want to swap from using the internal allocation of VPN IPs via Address List to an internal Windows DHCP server.
What I am having issues understanding is if I set up the DHCP helper/relay on the FortiGate and point to my current DHCP server how does the DHCP server know which IP to allocate? The DHCP server currently issues IPs for internal devices but if I need it to issue IPs for VPN clients then it will need to issue a different IP.
This may be a Windows question but thought someone may have done this before and have some guidance.
Julian
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @julianhaines ,
The DHCP server probably understands this from the DHCP option code and you need to specify the IP address that the FortiGate sends the DHCP request to for ssl-vpn.
As mentioned in the Fortinet article, the IP address you send the request to should be within the DHCP scope. In this way, the DHCP server will know in which range it gives IP addresses.
NSE 4-5-6-7 OT Sec - ENT FW