Hello everyone,
how does the fortigate ip pool work for users.
We have a object (vpn-pool) defined as 192.168.100.0/24. This is then applied to the Ip policy along with groups.
users get IP from 192.68.100.x once connected.
Query on this -
1) how does it keep track of what ip's are in use, is there any command to check this?
2) why do users get subsequent ip's as ip and gateway (example, 192.168.100.1 as IP & gateway as 100.2 on ipconfig)
3) Is it possible to do a static IP reservation on this?
4) what is different between this pool and the actual dhcp function within fortigate?
Appreciate all inputs.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I get it that you are talking about SSL VPN.
Up until FOS v6.4 SSLVPN does not support DHCP assignment, in contrast to IPsec VPN where it has been working perfectly for years. So, no reserved allocation at all.
The 'next' address is IMHO a designation for a proxy. I really don't know if that means that you can only support 128 users on a /24 subnet.
I get it that you are talking about SSL VPN.
Up until FOS v6.4 SSLVPN does not support DHCP assignment, in contrast to IPsec VPN where it has been working perfectly for years. So, no reserved allocation at all.
The 'next' address is IMHO a designation for a proxy. I really don't know if that means that you can only support 128 users on a /24 subnet.
1) Monitor - ssl-vpn monitor or firewall user monitor 2) Technical question probably with no impact, but id like to know too. :) 3) In ssl-vpn - no. 4) You can do DHCP onnly in custom ipsec tunnel, i made a topic on this, waiting for approval. Cant get it to work fully.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1518 | |
1019 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.