Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
storaid
Contributor

how to give the ON-Net status to DHCP client via external DHCP server??

hello, fortinet and everyone...

I know using code 224 option sends S/N to DHCP client and make client using FCT keep On-Net status...

but it's good working only for dhcp server function with fortigate...

 

I'm using windows dhcp server...

the windows dhcp server does not send it to client during dhcp prcoess even if you added this option on DHCP Standard options by setting predefined options ....

the code 224 option is not dhcp standard option, it's just a private-use option...

my question is

how to send this option which belong to a set of vendor-specific extension to dhcp client???

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
18 REPLIES 18
Christopher_McMullan

The DHCP option 224 should work with Windows servers acting as a DHCP server. Which version is running - 2008 R2 or 2012? With 2012, you would enter the FortiGate S/N in regular text, but 2008 R2 requires you to enter it in hex.

Regards, Chris McMullan Fortinet Ottawa

storaid

Christopher McMullan_FTNT wrote:

The DHCP option 224 should work with Windows servers acting as a DHCP server. Which version is running - 2008 R2 or 2012? With 2012, you would enter the FortiGate S/N in regular text, but 2008 R2 requires you to enter it in hex.

OS: WINDOWS 2012...

"The DHCP option 224 should work with Windows servers acting as a DHCP server. "

option 224 is not standard option...

you sure the option 224 is included in the dhcp offer message for windows 2012???

"With 2012, you would enter the FortiGate S/N in regular text, but 2008 R2 requires you to enter it in hex."

I use the wireshark to check dhcp handshake...

I don't find option 224 was sent to the dhcp client...

 

for built-in dhcp server function with fortigate, I have confirmed this option was definitely sent to the client....

 

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
Christopher_McMullan

It's been a while since I had to define the Windows scope options myself, but...

 

In Server 2012 it should be possible this way:

Under the DHCP MSC, with the server name expanded, right-click on IPv4 and choose Set Predefined Options, and Add on the detail window. Add option 224 with an Option name like 'FGT' with a Byte value for Data Type. Then, back under Predefined Options, select DHCP Standard Options as the Option class, '224 FGT' as the Option name, and the S/N of the FortiGate as the string.

Regards, Chris McMullan Fortinet Ottawa

storaid

Christopher McMullan_FTNT wrote:

It's been a while since I had to define the Windows scope options myself, but...

 

In Server 2012 it should be possible this way:

Under the DHCP MSC, with the server name expanded, right-click on IPv4 and choose Set Predefined Options, and Add on the detail window. Add option 224 with an Option name like 'FGT' with a Byte value for Data Type. Then, back under Predefined Options, select DHCP Standard Options as the Option class, '224 FGT' as the Option name, and the S/N of the FortiGate as the string.

Sorry..

are you sure the data type is Byte????..

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
Christopher_McMullan

No, I'm not really sure, to be honest. I know the feature works. I was providing some best-effort steps to help configure the scope properly, but we're veering well into configuration details that are specific to Windows Server.

 

Is there no way you've found to work when configuring the option *roughly* the way I've described?

Regards, Chris McMullan Fortinet Ottawa

storaid

Christopher McMullan_FTNT wrote:

No, I'm not really sure, to be honest. I know the feature works. I was providing some best-effort steps to help configure the scope properly, but we're veering well into configuration details that are specific to Windows Server.

 

Is there no way you've found to work when configuring the option *roughly* the way I've described?

I don't know how can I input the string text for Byte type????

 

 

 

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
storaid
Contributor

well, looks like the problem is windows dhcp server does not send all otpions..

most solutions I found is using option 43 VCI to write additional messages...

but it is useless for my case...

now this problem kicks my ass..:(

 

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
Christopher_McMullan

Try adding the option as type String instead of Byte.

Regards, Chris McMullan Fortinet Ottawa

storaid

Christopher McMullan_FTNT wrote:

Try adding the option as type String instead of Byte.

yesterday I have tried it as your mentioned...

but I don't think that's a problem...

the problem is windows dhcp server does not send all options I added....

 

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
Labels
Top Kudoed Authors