How-to: Configure DHCP Custom Options Fortigate

Curated by Liquid Layer Networks

At LiquidLayer.net, we’ve made a shared web hosting platform that’s both feature-rich and easy to make use of. Our programmers have built up a custom Linux cloud web hosting platform plus an innovative Control Panel that perfectly takes advantage of its capabilities. After long hours of programming and bug fixing on our end, we are now capable to guarantee that all of our shared web hosting services are safe, virus-free, full of capabilities and very easy-to-work-with. In addition, they feature 99.9% server uptime as well as 99.9% network uptime warranties.

liquidlayer.net

Cloud Web Hosting Services by LiquidLayer.net

LiquidLayer.net offers premium web hosting, SSD, Cloud Hosting, VPS & dedicated server solutions with 24/7 support & Mission Critical Uptime

2019-05-23T07:00:00Z

(Ex) Option 66:

Need to convert each byte to HEX, like 192=C0, 168=A8,… so the correct config should be:
set option2 66 ‘C0A8026F’.

http://string-functions.com - On this site, you will find free online tools to perform common string manipulations such as reversing a string, calculating a string’s length or encoding a string!


How-to: Configure DHCP Custom Options on a FortiGate
FortiGate allows you to configure up to six custom DHCP options beyond the standard default gateway, DNS, NTP and domain options.

We’ll go through the steps to configure a DHCP server from scratch and configure the most commonly used options as well as a few custom ones.

The details for this DHCP server will be as follows:

Interface: wifi-interface
Address Range: 192.168.2.100-192.168.2.254
Subnet: 255.255.255.0
Default Gateway: 192.168.2.99
Primary DNS: 192.168.2.99
Secondary DNS: 8.8.8.8
Primary NTP: 192.168.2.99
Domain name suffix: labdomain.local
Option 252: http://myproxy.com:80/wpad.dat (this is the default proxy option)
Option 66: 192.168.2.111 (TFTP option to allow provisioning to unmanaged SIP phones)

Firstly goto the CLI and enter the following to create a new DHCP server.

FORTIGATE80C # config system dhcp server
FORTIGATE80C (server) # edit 0

Now type the following to create the IP range

FORTIGATE80C (3) # config ip-range
FORTIGATE80C (ip-range) # edit 1
FORTIGATE80C (1) # set start-ip 192.168.2.100
FORTIGATE80C (1) # set end-ip 192.168.2.254
FORTIGATE80C (1) # end

Next the following set commands for all the basic options:

FORTIGATE80C (3) # set default-gateway 192.168.2.99
FORTIGATE80C (3) # set netmask 255.255.255.0
FORTIGATE80C (3) # set dns-server1 192.168.2.99
FORTIGATE80C (3) # set dns-server2 8.8.8.8
FORTIGATE80C (3) # set ntp-server1 192.168.2.99
FORTIGATE80C (3) # set domain labdomain.local
FORTIGATE80C (3) # set interface wifi-interface

Now for the custom options. The syntax for custom options on a FortiGate is:

set

An option number is a decimal number (in this instance 252 and 66), while the option itself is the value we want (http://myproxy.com:80/wpad.dat and 192.168.2.111). The thing to note is that the FortiGate require the option to be in hexadecimal, not as a string or digits. So before we can begin, we need to convert the strings into hexadecimal first.

A quick google for ‘string to hexadecimal converter’ will bring up some useful pages. I like to use the one at string-functions.com. Type in the strings you want to convert and save the hexadecimal output.

Note:
I don’t think this opion 66 config would work. Any field that contains an IP address in Bootp vendor options(DHCP options) requires binary data, just like source/destination address field in Ethernet Frame header, not “ascii coded dotted-decimal-notation”. So you need to convert each byte to HEX, like 192=C0, 168=A8,… so the correct config should be:
set option2 66 ‘C0A8026F’.


Curated by Liquid Layer Networks

At LiquidLayer.net, we’ve made a shared web hosting platform that’s both feature-rich and easy to make use of. Our programmers have built up a custom Linux cloud web hosting platform plus an innovative Control Panel that perfectly takes advantage of its capabilities. After long hours of programming and bug fixing on our end, we are now capable to guarantee that all of our shared web hosting services are safe, virus-free, full of capabilities and very easy-to-work-with. In addition, they feature 99.9% server uptime as well as 99.9% network uptime warranties.

Powered by:

HostCheetah Networks
Global Web Hosting, Domain Registration, and Internet Services
https://hostcheetah.net | http://hostcheetah.uk


PC Helper | Est 1996 - Web Hosting | US, AU, UK, Finland, Bulgaria | :sunglasses:
https://pchelper.com

Global Web Hosting Services Since 2000 | Web Netology
Free Web Hosting for Hostcheetah Blog Readers!

Web Netology