TECH.ROOM


How-to: Configure DHCP Custom Options Fortigate



How-to: Configure DHCP Custom Options on a FortiGate
FortiGate allows you to configure up to six custom DHCP options beyond the standard default gateway, DNS, NTP and domain options.

We’ll go through the steps to configure a DHCP server from scratch and configure the most commonly used options as well as a few custom ones.

The details for this DHCP server will be as follows:

Interface: wifi-interface
Address Range: 192.168.2.100-192.168.2.254
Subnet: 255.255.255.0
Default Gateway: 192.168.2.99
Primary DNS: 192.168.2.99
Secondary DNS: 8.8.8.8
Primary NTP: 192.168.2.99
Domain name suffix: labdomain.local
Option 252: http://myproxy.com:80/wpad.dat (this is the default proxy option)
Option 66: 192.168.2.111 (TFTP option to allow provisioning to unmanaged SIP phones)

First, go to the CLI and enter the following to create a new DHCP server:

FORTIGATE80C # config system dhcp server
FORTIGATE80C (server) # edit 0

Now type the following to create the IP range:

FORTIGATE80C (3) # config ip-range
FORTIGATE80C (ip-range) # edit 1
FORTIGATE80C (1) # set start-ip 192.168.2.100
FORTIGATE80C (1) # set end-ip 192.168.2.254
FORTIGATE80C (1) # end

Next, enter the following set commands for all the basic options:

FORTIGATE80C (3) # set default-gateway 192.168.2.99
FORTIGATE80C (3) # set netmask 255.255.255.0
FORTIGATE80C (3) # set dns-server1 192.168.2.99
FORTIGATE80C (3) # set dns-server2 8.8.8.8
FORTIGATE80C (3) # set ntp-server1 192.168.2.99
FORTIGATE80C (3) # set domain labdomain.local
FORTIGATE80C (3) # set interface wifi-interface

Now for the custom options. The syntax for custom options on a FortiGate is:

set

An option number is a decimal number (in this instance 252 and 66), while the option itself is the value we want (http://myproxy.com:80/wpad.dat and 192.168.2.111). Note that the FortiGate requires the option value to be in hexadecimal, not as a string or digits, so we need to convert the strings into hexadecimal first.

A quick google for ‘string to hexadecimal converter’ will bring up some useful pages. I like to use the one at string-functions.com. Type in the strings you want to convert and save the hexadecimal output.

Note:
I don’t think this option 66 config would work. Any field that contains an IP address in Bootp vendor options (DHCP options) requires binary data, just like source/destination address field in Ethernet Frame header, not “ascii coded dotted-decimal-notation”. So you need to convert each byte to HEX, like 192=C0, 168=A8,… so the correct config should be:
set option2 66 'C0A8026F'.
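
The hex conversion can also be done locally instead of through an online converter. The Python helper below is an added example, not part of the original post or any Fortinet tooling: it produces both the ASCII-string encoding the article describes and the packed 4-byte IPv4 encoding from the note, and decodes an existing hex value for review. The function names are hypothetical, and the option1..option6 slot naming is assumed from the "set option2" form shown above.

```python
import ipaddress

MAX_OPTION_LEN = 255  # a DHCP option's length field is a single byte


def ascii_hex(text: str) -> str:
    """Hex of the ASCII bytes of a string (e.g. the option 252 URL)."""
    data = text.encode("ascii")  # raises UnicodeEncodeError on non-ASCII input
    if not 0 < len(data) <= MAX_OPTION_LEN:
        raise ValueError("option value must be 1..255 bytes")
    return data.hex().upper()


def ipv4_hex(addr: str) -> str:
    """Hex of the 4 packed bytes of an IPv4 address (192 -> C0, 168 -> A8)."""
    return ipaddress.IPv4Address(addr).packed.hex().upper()


def set_line(slot: int, code: int, hex_value: str) -> str:
    """Format a line in the 'set option2 66 ...' form shown on the page."""
    if not 1 <= slot <= 6:    # the page: up to six custom options
        raise ValueError("slot must be 1..6")
    if not 1 <= code <= 254:  # codes 0 and 255 are the pad and end markers
        raise ValueError("option code must be 1..254")
    return f"set option{slot} {code} '{hex_value}'"


def decode(hex_value: str) -> dict:
    """Show what a configured hex value means under each interpretation."""
    raw = bytes.fromhex(hex_value)
    out = {"length": len(raw)}
    if len(raw) == 4:
        out["ipv4"] = str(ipaddress.IPv4Address(raw))
    if raw and all(0x20 <= b < 0x7F for b in raw):
        out["ascii"] = raw.decode("ascii")
    return out


if __name__ == "__main__":
    # Values taken from the DHCP server details listed on the page.
    print(set_line(1, 252, ascii_hex("http://myproxy.com:80/wpad.dat")))
    print(set_line(2, 66, ipv4_hex("192.168.2.111")))   # encoding from the note
    print(set_line(2, 66, ascii_hex("192.168.2.111")))  # ASCII string encoding
    print(decode("C0A8026F"))
```

Running decode() over the hex values in an existing configuration shows which proxy URL or TFTP server the DHCP scope is actually handing to clients.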
