Ive been working on this guide to configure DHCP over IPSEC without problems .
https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/189440/ipsec-vpn-with-external-dhcp-ser...
The problem is when the remote user disconnected , the device sends a dhcp release to the dhcp server and the lease goes off.
This is the main reason im migrating sslvpn to dhcp over ipsec if to remains ips of device for 2 weeks at least base on the mac address.
This is what i saw when users disconnected.
DHCP 342 DHCP Release - Transaction ID 0x34073082
Hello,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
HEllo,
I will try to answer your question about how to address the issue where the external DHCP lease gets removed when the user disconnects in an IPsec VPN setup,
Thanks,
1, dhcp lease duration is set to 8 days.
2, the feature is enabled on phase 2.
3, Forticlient is set to use DHCP over IPsec
4, We use EMS 7.2.5 , FortiOs 7.2.10 and FTC 7.0.14.
The connectivity is not the problem, the problem is when user disconnect its automatically sends a dhcp release to dhcp server.
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.