Fortinet 100 Providing Dhcp services to your internal network, Policy routing command syntax, 119

The gateway added to a policy route must also be added to a destination route. When the FortiGate unit matches packets with a route in the RPDB, the FortiGate unit looks in the destination routing table for the gateway that was added to the policy route. If a match is found, the FortiGate routes the packet using the matched destination route. If a match is not found, the FortiGate routes the packet using normal routing.

To find a route with a matching gateway, the FortiGate unit starts at the top of the destination routing table and searches until it finds the first matching destination route. This matched route is used to route the packet.

Policy routing command syntax

Configure policy routing using the following CLI command.

set system route policy <route_int> src <source_ip> <source_mask> iifname <source-interface_name>

dst <destination_ip> <destination_mask>

oifname <destination-interface_name> protocol <protocol_int> port <low-port_int> <high-port_int> gw <gateway_ip>

Complete policy routing command syntax is described in the FortiGate CLI Reference

Guide.

Providing DHCP services to your internal network

If the FortiGate unit is operating in NAT/Route mode, you can configure it to be the

DHCP server for your internal network:

1Go to System > Network > DHCP.

2Select Enable DHCP.

3Configure DHCP server settings.

Exclusion Range Optionally enter up to 4 exclusion ranges of IP addresses within the starting

IP and ending IP addresses that cannot be assigned to DHCP clients.

4Select Apply.

5Configure the IP network settings of the computers on your network to obtain an IP address automatically using DHCP.