Configuración de DHCP Server en FortiGate
El FortiGate puede actuar como un servidor DHCP para distribuir dirección IP a los hosts finales que ejecutan servicios de un cliente DHCP. Esta característica es importante si se tiene una pequeña sucursal que no posee un servidor DHCP dedicado.
Para habilitar el servicio de DHCP en el FortiGate se puede realizar desde la interfaz web en las opciones de System > Network > Interface. Para configurar este servicio desde el CLI.
Datos del servidor DHCP.
Interface: port3 (INSIDE)
Rango de direcciones IP: 192.168.23.50 - 192.168.23.100
Subnet: 255.255.255.0
Default Gateway: 192.168.23.1
DNS: Servicio de DNS por default
Nombre de Dominio: delfirosales.com
Configuracion de la interface Inside.
edit "port3" set vdom "root" set ip 192.168.23.1 255.255.255.0 set allowaccess ping set type physical set alias "INSIDE" set snmp-index 3 nextConfiguracion del DNS.
FortiGate-VM # show system dns config system dns set primary 8.8.8.8 set secondary 8.8.4.4 set domain "delfirosales.com" set source-ip 192.168.1.102 endConfiguración de DHCP Server desde CLI
FortiGate-VM # config system dhcp server FortiGate-VM (server) # edit 1 new entry '1' added FortiGate-VM (1) # set auto-configuration disable FortiGate-VM (1) # set default-gateway 192.168.23.1 FortiGate-VM (1) # set dns-service default FortiGate-VM (1) # set interface port3 FortiGate-VM (1) # config ip-range FortiGate-VM (ip-range) # edit 1 new entry '1' added FortiGate-VM (1) # set start-ip 192.168.23.50 FortiGate-VM (1) # set end-ip 192.168.23.100 FortiGate-VM (1) # next FortiGate-VM (ip-range) # end FortiGate-VM (1) # set netmask 255.255.255.0 FortiGate-VM (1) # next FortiGate-VM (server) # end FortiGate-VM # FortiGate-VM # show sys dhcp server config system dhcp server edit 1 set auto-configuration disable set default-gateway 192.168.23.1 set dns-service default set interface "port3" config ip-range edit 1 set end-ip 192.168.23.100 set start-ip 192.168.23.50 next end set netmask 255.255.255.0 next end FortiGate-VM #
Verificacion del Servicio
root@labs:/home/delfi# ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:00:AB:5C:A9:00 inet addr:192.168.23.50 Bcast:192.168.23.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:179 errors:0 dropped:0 overruns:0 frame:0 TX packets:158 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:26721 (26.0 KiB) TX bytes:50476 (49.2 KiB) root@labs:/home/delfi# root@labs:/home/delfi# route -e Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface default 192.168.23.1 0.0.0.0 UG 0 0 0 eth0 127.0.0.1 * 255.255.255.255 UH 0 0 0 lo 192.168.23.0 * 255.255.255.0 U 0 0 0 eth0 root@labs:/home/delfi# ping www.google.com PING www.google.com (173.194.115.176): 56 data bytes 64 bytes from 173.194.115.176: seq=0 ttl=57 time=134.307 ms 64 bytes from 173.194.115.176: seq=1 ttl=57 time=248.415 ms 64 bytes from 173.194.115.176: seq=2 ttl=57 time=166.495 ms 64 bytes from 173.194.115.176: seq=3 ttl=57 time=50.341 ms 64 bytes from 173.194.115.176: seq=4 ttl=57 time=283.354 ms 64 bytes from 173.194.115.176: seq=5 ttl=57 time=187.280 ms 64 bytes from 173.194.115.176: seq=6 ttl=57 time=69.864 ms 64 bytes from 173.194.115.176: seq=7 ttl=57 time=102.955 ms 64 bytes from 173.194.115.176: seq=8 ttl=57 time=107.317 ms 64 bytes from 173.194.115.176: seq=9 ttl=57 time=84.637 ms 64 bytes from 173.194.115.176: seq=10 ttl=57 time=142.454 ms
1 comentarios
tengo un problema ya tengo configurado todo pero no me da salida en mis ips estaticas de mi red alguna sugerencia del por que no tengo salida
ResponderEliminar