Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Contributor II

SSLVPN using external DHCP server


I'm trying to get my external DHCP to assign IP-addresses to my SSLVPN clients. According to the SSLVPN documentation you should configure DHCP-relay on the ssl.root interface via CLI. To this pont there are no problems.


In the SSLVPN settings you should specify a Address Range for the SSLVPN and you cannot specify anything else than "Automatically assign addresses" or "Specify custom IP ranges". In the portal settings, I also need to specify "Source IP Pools".


What should I specify there?

I don't want the Fortigate to assign the addresses...

Any ideas?

New Contributor

I have also tried utilizing an internal DHCP server. This is the response I received from Fortinet Support.


Hi,  Thank you for contacting Fortinet Support.  I appreciate the opportunity to assist you with your concern.  Please take note that SSLVPN does not have the DHCP options which is designed for DHCP relay feature. The setup will not work even though the interface DHCP relay option is available for "ssl.root". IPs for the SSL VPN will be assigned by the FortiGate according to the ip pool you have defined within the sslvpn settings or the IP ranges you configured.  Please let me know if you have any additional queries about the issue by updating the ticket at  Feel free to call into the support line and you will be given the option to be transferred directly to me or speak to the next available engineer. 

Note from Forum Administrator: The name of the Fortinet engineer has been removed from this post.  We would ask that you do not include personal details.


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors