Fortinet 400 Providing DHCP services to your internal network

Network configuration Providing DHCP services to your internal network

FortiGate-400 Installation and Configuration Guide 147

Providing DHCP services to your internal network

If the FortiGate unit is operating in NAT/Route mode, you can use the CLI command

set system dhcpserver to configure the FortiGate unit to be the DHCP server for

your internal network. Tab le 2 describes the syntax for the set system

dhcpserver command.

‘

Table 2: set system dhcpserver command syntax

Keywords Description

defaultroute

<gateway_ip> The default route to be assigned to DHCP clients. The

defaultroute, exclusionrange, iprange, and reserve

IP addresses must all be on the same subnet as the internal

interface.

dns <dns_ip>

[<dns_ip>] [<dns_ip>] The IP addresses of up to 3 DNS servers that the DHCP clients

can use for looking up domain names. Use a space to separate

the IP addresses. To remove a DNS IP, set the IP to 0.0.0.0.

domain <domain_str> The domain name that the DHCP server assigns to the DHCP

clients.

exclusionrange

{<start1_ip-end1_ip>

| none}

[{<start2_ip-end2_ip>

| none}]

[{<start3_ip-end3_ip>

| none}]

[{<start4_ip-end4_ip>

| none}]

Enter up to 4 exclusion ranges of IP addresses within the

starting IP and ending IP addresses that cannot be assigned to

DHCP clients. Separate the IP addresses in the range with a

dash (-). Do not add spaces. Use a space to separate ranges.

The defaultroute, exclusionrange, iprange, and

reserve IP addresses must all be on the same subnet as the

internal interface.

To change an exclusion range you must redefine all of the

exclusion ranges. To remove all exclusion ranges, replace the

first exclusion range with none.

iprange

<start_ip-end_ip> The starting IP and the ending IP for the range of IP addresses

that the FortiGate unit can assign to DHCP clients. The

defaultroute, exclusionrange, iprange, and reserve

IP addresses must all be on the same subnet as the internal

interface.

leaseduration

<lease_int> The interval in seconds after which a DHCP client must ask the

DHCP server for a new address. The lease duration must be

between 300 and 8000000 seconds.

netmask <netmask_ip> The Netmask that the FortiGate DHCP server assigns to the

DHCP clients.

reserve <reserve_ip>

<reserve_mac>

[<name_str> | none]

Reserve an IP address so that the FortiGate DHCP server

always assigns this IP address to the device with the specified

MAC address. Optionally specify a name for the IP and MAC

address pair. The reserved IP cannot be assigned to any other

device. You can only add a given IP address or MAC address

once. The defaultroute, exclusionrange, iprange, and

reserve IP addresses must all be on the same subnet as the

internal interface.

status

{enable | disable} Enable or disable the FortiGate DHCP server for your internal

network.

winsserver

{<server1_ip> | none}

[{<server2_ip> |

none}]

Enter one or two WINS server IP addresses that are assigned

to DHCP clients.