Hi, I have a Fortigate 60F with FortiOS v6.4.6 and I want to distribute a different range of IP addresses based on the switch port to which the client is connected. For that, I am using a 24-port Aruba 1930 Swit
I have configured the VLAN on the Fortigate and activated the DHCP server on it. The server distributes the IP addresses in two ranges: 192.168.10.1 - 192.168.10.100 and 192.168.10.101 - 192.168.10.200.
The VLAN is linked to the internal interface, and I have linked port 1 of the Fortigate to a trunked port on the switch.
I want switch ports 1 to 12 to receive the first DHCP range and 13 to 20 to receive the other range. Is there a way to do this?
Thanks in advance.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Since the DHCP server is configured on the VLAN interface, only the DHCP requests received on this VLAN will be replied to by the fortigate. Fortigate cannot differentiate if the traffic is coming from port 1 to 12 or from port 13 to 20 of your switch. I recommend adding ports 1 to 12 under one vlan and 13 to 20 on a separate VLAN. So basically, tag these ports on the switch and add two VLANs on the fortigate or you can use the DHCP relay agent on the fortigate which will send all the DHCP traffic to your internal server. The server then can assign the ip based on the vlan tag
Hi DeF4uIT,
Keep in mind that version 6.4.x is gonna be out of support soon.
You should be aware about the EOS for each FortiOS. In case you guys haven't planned an upgrade to a newer version you should start to think about it. Here is a table will all FortiOS version and the last day of support.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1634 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.