Well here is something i have used a lot, in the day to day work and this is the DHCP Address Reservation
You can only configure it in CLI so you will need to access via Console, Telnet, or via web(The console in the status Dashboard)
so here is how you do it on fortinet (Fortigates)
config system dhcp reserved-address
edit "Carlos"
set ip 192.168.1.10
set mac 00:21:70:8B:79:DD
next
end
ip is the ip address you are assigning to the client
mac is the mac address of the network card or wireless network card
you MUST put end and then hit enter or this change wont save.
You must enter the mac address with the 00:21:70:8B:79:DD format, you cannot use the 00-21-70-8B-79-DD format
Now you would ask me, why would i want to do this?
Ill give you an scenario:
You got a small business client, and the network administrator of that company ask you that he needs that the Manager´s laptop get an specific IP, but he is unable to put it in the laptop because the manager uses his laptop outside the company and he needs DHCP enable on his wireless card because he doesnt know anything about IPs, static ips etc.
If he put the static ip in his laptop then the manager wont be able to connect in public APs or in his home, because it will have the company´s ip address in the wireless network card.
So how do you fix it?
Well that would be putting an address reservation on their Fortigate(Supposing this is the only DHCP Server in their network)
With this he will be able to have his wireless card with DHCP enabled and still in the company connect with the specific ip he needs and when he go to anywhere else he will be able to connect to any network with DHCP without doing any change on his network card.
This is really useful.
Subscribe to:
Post Comments (Atom)
Thanks Carlos for this information. Fortinet KB is too messy to search.
ReplyDeleteAlex