Fortinet black logo

User Guide

Home FortiPortal 5.3.4 User Guide
5.3.4
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.3.8
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.0
5.2.0
4.1.0

DHCP Server

DHCP Server

You can add, update, and delete DHCP servers.

Adding a DHCP server

  1. Select DHCP Server from the System tree.
  2. Right-click in the DHCP Server section of the table and select Create New.
  3. Enter values in the relevant fields. See DHCP server fields.
  4. Select Save.

Updating a DHCP server

  1. Select DHCP Server from the System tree.
  2. Right-click a DHCP server and select Edit.
  3. Update the values that you want to change.
  4. Select Save.

Deleting a DHCP server

  1. Select DHCP Server from the System tree.
  2. Right-click a DHCP server and select Delete.
  3. Select Yes in the confirmation dialog box to delete the selected DHCP server.

DHCP server fields

The Create New DHCP Server and Edit DHCP Server forms contain the following fields:

Settings

Guidelines

Interface

The name of the interface.

Mode

Select Server to create a DHCP server.

Enable

Select this option to make the DHCP server active.

Type

Select Regular to use the DHCP in regular mode. Select IPsec to use the DHCP in IPsec mode.

IP Range

DHCP IP address range. The IP range of each DHCP server must match the network address range. See Configure an IP range.

Network Mask

Required. Netmask assigned by the DHCP server.

Default Gateway

Required. Default gateway IP address assigned by the DHCP server.

Next Server

Required. IP address of a server (for example, a TFTP sever) that DHCP clients can download a boot file from.

DNS Service

Options for assigning DNS servers to DHCP clients:

Use System DNS Setting (Default)—Clients are assigned the FortiGate deviceʼs configured DNS servers.

Specify—Specify up to three DNS servers in the DHCP server configuration.

Same as interface IP (Local)—The IP address of the interface the DHCP server is added to becomes the clientʼs DNS server IP address.

DNS Service0

DNS server 1.

DNS Service1

DNS server 2.

DNS Service2

DNS server 3.

NTP Service

Options for assigning Network Time Protocol (NTP) servers to DHCP clients:

Use System NTP Setting—The IP address of the interface the DHCP server is added to becomes the clientʼs NTP server IP address.

Specify—Specify up to three NTP servers in the DHCP server configuration.

Use FortiGate as NTP Server—Clients are assigned the FortiGate deviceʼs configured NTP servers.

NTP Service0

NTP server 1.

NTP Service1

NTP server 2.

NTP Service2

NTP server 3.

FortiClient On-Net Status

Select this option to require all clients to have FortiClient installed in order to get access through the FortiGate.

Timezone Option

Options for the DHCP server to set the clientʼs time zone.

Disable—Do not set the clientʼs time zone.

Default—Clients are assigned the FortiGate deviceʼs configured time zone.

Specify—Specify the time zone to be assigned to DHCP clients. If you select Specify, enter the two-digit code that corresponds to the appropriate time zone in the Timezone field.

MAC Address Access Control List

A MAC Address Access Control List (ACL) allows or blocks access on a network interface that includes a DHCP server. See Configure an MAC address access control list.
Configure an IP range
  1. Right-click in the IP Range table and select Create New.
  2. In the Start IP field, enter the IPv4 address at the start of the IP address range.
  3. In the End IP field, enter the IPv4 address at the end of the IP address range.
  4. To add a DHCP option, enter the option number in the ID field.

    The option number and value must be configured on the DHCP server.
  5. Select Yes to save the IP range.
Configure an MAC address access control list
  1. Right-click in the MAC Address Access Control List table and select Create New.
  2. In the IP field, enter an IP address to allow or block.
  3. In the MAC field, enter a MAC address to allow or block.
  4. Select Assign to allow the IP address and MAC address, select Block to block the IP address and MAC address, or select Reserved to prevent the IP address and MAC address from being used in any rules.
  5. In the Description field, enter an optional description of the MAC address access control list.
  6. To add a DHCP option, enter the option number in the ID field.

    The option number and value must be configured on the DHCP server.
  7. Select Yes to save the MAC address access control list.
Previous
Next

DHCP Server

You can add, update, and delete DHCP servers.

Adding a DHCP server

  1. Select DHCP Server from the System tree.
  2. Right-click in the DHCP Server section of the table and select Create New.
  3. Enter values in the relevant fields. See DHCP server fields.
  4. Select Save.

Updating a DHCP server

  1. Select DHCP Server from the System tree.
  2. Right-click a DHCP server and select Edit.
  3. Update the values that you want to change.
  4. Select Save.

Deleting a DHCP server

  1. Select DHCP Server from the System tree.
  2. Right-click a DHCP server and select Delete.
  3. Select Yes in the confirmation dialog box to delete the selected DHCP server.

DHCP server fields

The Create New DHCP Server and Edit DHCP Server forms contain the following fields:

Settings

Guidelines

Interface

The name of the interface.

Mode

Select Server to create a DHCP server.

Enable

Select this option to make the DHCP server active.

Type

Select Regular to use the DHCP in regular mode. Select IPsec to use the DHCP in IPsec mode.

IP Range

DHCP IP address range. The IP range of each DHCP server must match the network address range. See Configure an IP range.

Network Mask

Required. Netmask assigned by the DHCP server.

Default Gateway

Required. Default gateway IP address assigned by the DHCP server.

Next Server

Required. IP address of a server (for example, a TFTP sever) that DHCP clients can download a boot file from.

DNS Service

Options for assigning DNS servers to DHCP clients:

Use System DNS Setting (Default)—Clients are assigned the FortiGate deviceʼs configured DNS servers.

Specify—Specify up to three DNS servers in the DHCP server configuration.

Same as interface IP (Local)—The IP address of the interface the DHCP server is added to becomes the clientʼs DNS server IP address.

DNS Service0

DNS server 1.

DNS Service1

DNS server 2.

DNS Service2

DNS server 3.

NTP Service

Options for assigning Network Time Protocol (NTP) servers to DHCP clients:

Use System NTP Setting—The IP address of the interface the DHCP server is added to becomes the clientʼs NTP server IP address.

Specify—Specify up to three NTP servers in the DHCP server configuration.

Use FortiGate as NTP Server—Clients are assigned the FortiGate deviceʼs configured NTP servers.

NTP Service0

NTP server 1.

NTP Service1

NTP server 2.

NTP Service2

NTP server 3.

FortiClient On-Net Status

Select this option to require all clients to have FortiClient installed in order to get access through the FortiGate.

Timezone Option

Options for the DHCP server to set the clientʼs time zone.

Disable—Do not set the clientʼs time zone.

Default—Clients are assigned the FortiGate deviceʼs configured time zone.

Specify—Specify the time zone to be assigned to DHCP clients. If you select Specify, enter the two-digit code that corresponds to the appropriate time zone in the Timezone field.

MAC Address Access Control List

A MAC Address Access Control List (ACL) allows or blocks access on a network interface that includes a DHCP server. See Configure an MAC address access control list.
Configure an IP range
  1. Right-click in the IP Range table and select Create New.
  2. In the Start IP field, enter the IPv4 address at the start of the IP address range.
  3. In the End IP field, enter the IPv4 address at the end of the IP address range.
  4. To add a DHCP option, enter the option number in the ID field.

    The option number and value must be configured on the DHCP server.
  5. Select Yes to save the IP range.
Configure an MAC address access control list
  1. Right-click in the MAC Address Access Control List table and select Create New.
  2. In the IP field, enter an IP address to allow or block.
  3. In the MAC field, enter a MAC address to allow or block.
  4. Select Assign to allow the IP address and MAC address, select Block to block the IP address and MAC address, or select Reserved to prevent the IP address and MAC address from being used in any rules.
  5. In the Description field, enter an optional description of the MAC address access control list.
  6. To add a DHCP option, enter the option number in the ID field.

    The option number and value must be configured on the DHCP server.
  7. Select Yes to save the MAC address access control list.
Previous
Next