- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Setup proxy DHCP for SSL VPN and backup DHCP if main DHCP not available
Hi,
I'm trying to find if it is possible.
I want to set up a proxy DHCP for SSL VPN connections, which is a pretty straight forward setup.
In a situation if/when my server with DHCP is down I need still be able to connect to VPN (FortiGate) and receive a proper IP address.
Is there a way to setup a "backup" DHCP server on Fortigate?
Thank you
- Labels:
-
FortiClient
-
FortiGate
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
config system settings
set dhcp-proxy enable
set dhcp-server-ip "1.1.1.1" "2.2.2.2"
end
FOS does support multiple server IP addresses to be configured.
Technical Tip: SSL VPN with external DHCP Server - Fortinet Community
Hope the above article answers your question.
Thanks.
Inigo Mathew
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there a way to make fortigate itself as a backup dhcp server?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
DHCP uses broadcast packet , when you say backup DHCP do you mean your primary DHCP is also in same subnet as Fortigate?
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes.
I'm trying to imagine situation when I'm working remote and for some reasons my main dhcp server is down, so I still need to be able to connect to VPN and get ip address to fix my main dhcp.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I assume your setup is something like this .
PC------HomeRouter---------ISP-----------(SSL)Fortigate------OfficeLAN
In this case you will be getting IP from your home router , your DHCP request (DHCP discocover messages are sent to 255.255.255.255) will not reach fortigate via ISP .
Please correct me if I have misunderstood the scenario or topology
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes you miss understood me.
Regular connection to ssl VPN remotely to fortigate - I can setup proxy dhcp on fortigate. Situation when this proxy dhcp is down I still need to be able to get ip for my ssl VPN connection.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you @SergY . Its clear now, lets assume we manage to configure DHCP server on one of the interface on fortigate and use that IP as the redundant server . There is no option to give priority to one of them primary and other one backup.
They both will be used and the client will get IP from the server who responds first and in this case it will be mostly from Fortigate.
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.