Firewall – DHCP relay through Fortigate 60B firewall isn’t working

Tags: dhcp, firewall, fortigate, networking

I inherited a network with a Fortigate 60B firewall. The VPN dial-up client works right now as long as I specify a static IP. Problem is, it becomes hard to manage when I need to assign each and every person using the client their own personal IP.

I already have a DHCP server on the internal network and so I figured I'd configure the firewall to relay the DHCP to dial-up VPN clients. Unfortunately, that isn't working. I turned on debugging for DHCP relay and this is what I got:

2013-01-13 19:58:01 L3 socket: received request message from 192.168.0.11:68 to 255.255.255.255 at wan2

2013-01-13 19:58:01 got a DHCPDISCOVER

2013-01-13 19:58:01 Warning! can't get server id from client message

2013-01-13 19:58:01 forwarding dhcp request from 192.168.1.1:67 to 192.168.1.14:67

2013-01-13 19:58:01 sent a dhcp packet of 302 bytes to server 192.168.1.14

2013-01-13 19:58:02 got a DHCPOFFER from server 192.168.1.14:67

2013-01-13 19:58:02 sending dhcp reply from 0.0.0.0:67 to 192.168.0.11:68

As you can see, the reply seems to be coming from an empty IP (0.0.0.0:67) and so I assume this is the problem. Am I correct? If so, what could be the cause?

Thanks!

Best Answer

Have you tried upgrading the firmware? We've had DHCP problems with 4.0 MR3 firmware and that was fixed with a firmware upgrade. Also, we have a DHCP server on the Fortigate just for IPsec clients and it works normally.