I was thinking the same thing, in that I could simply assign a particular mac address a different unrelated ip.But that would also require that I set a firewall policy matching that IP to deny access.If you use the DHCP server on the Fortigate you can configure DHCP address reservations to always assign specific IP addresses to a computer, based on its MAC address.
Fortigate 100D Dhcp Settings Mac Address AUse the CLI command config system dhcp reserved-address to reserve an IP address for a particular client identified by its device MAC address and type of connection. The DHCP server then always assigns the reserved IP address to the client. The number of reserved addresses that you can define ranges from 10 to 200 depending on the FortiGate model. Use the following syntax to always assign 192.168.1.1 to the device with MAC address 00:04:f1:11:11:11. DNS, Default Gateway, etc are part of the global parameters passed to every client. The DHCP reservation allows to you assign the same IP address to the same MAC address every time. You always know which IP address the printer will have even if it is using DHCP and you have the reservation configured. Fortigate 100D Dhcp Settings How To Remove ADoes anyone know how to remove a DHCP reservation made in this manner. So using the example above would I just have to enter the following info to delete: config system dhcp reserved-address delete ipphone next end. Hi all. I have a question about checking list of clients names with binded IP. Hey guys, Im trying to use the dhcp reservation option but it doesnt work. The mac-address is correct but it simply ignores the reservation list. Fortigate 100D Dhcp Settings Exe Dhcp LeaseI ran the exe dhcp lease-clear command and tried again, nothing. When I run the debug on dhcp I see that it receives the correct mac address but provides the client with a simple pool-ip. One of the common problems I run into is that the address reservation is outside of the scope of the DHCP server. Check to make sure its actually in the range of available IP addresses. Thank you that worked:) Looking through blogs is much easier than reading the entire CLI manual. BTW. I loooove the background image, I lived in Hamburg for a year and I loved it. You rock Tell me one other thing, do you know if there is there a way to restrict it so that a specific mac address does not get an IP assigned to it at all i.e. Interesting question:) Not that I know of since the point of DHCP is typically to provide an IP address to anyone who asks for it. You could assign a specific MAC address to get an address out of a pool that doesnt route anywhere or is limited by firewall policies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |