Good day,
I am planning to move away from using an Address Range to allocate DHCP addresses to my SSL VPN full tunnel clients to using a Windows 2016 DHCP server, I have a FortiGate FGT200F running firmware 7.x.
The current Windows DHCP server is already set up with multiple scopes and uses VLANs to determine which to allocate based on this.
I have done some research, and it looks like all I need to do is:
For the DHCP server to know which range to allocate to the SSL VPN users the dhcp-ra-giaddr option will be used instead of using VLANs.
Does this look good? Some of the commands are to set web-portal settings but I have the SSL VPN web portal access disabled so not sure if this is correct?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @julianhaines ,
Your configuration steps seem correct.
For 5. step, this command says "vpn ssl web-portal" but, don't let this confuse you, this is actually required to configure the VPN in tunnel mode.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1546 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.