Network configuration
Providing DHCP services to your internal network
FortiGate-60R Installation and Configuration Guide
117
The gateway added to a policy route must also be added to a destination route. When
the FortiGate unit matches packets with a route in the RPDB, the FortiGate unit looks
in the destination routing table for the gateway that was added to the policy route. If a
match is found, the FortiGate routes the packet using the matched destination route. If
a match is not found, the FortiGate routes the packet using normal routing.
To find a route with a matching gateway, the FortiGate unit starts at the top of the
destination routing table and searches until it finds the first matching destination route.
This matched route is used to route the packet.
Policy routing command syntax
Configure policy routing using the following CLI command.
set system route policy <route_int> src <source_ip>
<source_mask> iifname <source-interface_name>
dst <destination_ip> <destination_mask>
oifname <destination-interface_name> protocol <protocol_int>
port <low-port_int> <high-port_int> gw <gateway_ip>
Complete policy routing command syntax is described in the
FortiGate CLI Reference
Guide
.
Providing DHCP services to your internal network
If the FortiGate unit is operating in NAT/Route mode, you can configure it to be the
DHCP server for your internal network:
1
Go to
System > Network >
DHCP
.
2
Select Enable DHCP.
3
Configure DHCP server settings.
4
Select Apply.
5
Configure the IP network settings of the computers on your network to obtain an IP
address automatically using DHCP.
Starting IP
Ending IP
Enter Starting IP and Ending IP to configure the range of IP addresses that
the FortiGate unit can assign to DHCP clients. The addresses must be
addresses on your internal network.
Netmask
Enter the Netmask that the FortiGate unit assigns to the DHCP clients.
Lease Duration
Enter the interval in seconds after which a DHCP client must ask the DHCP
server for a new address. The lease duration must be between 300 and
8000000 seconds.
Domain
Optionally enter in the domain that the DHCP server assigns to the DHCP
clients.
DNS IP
Enter the IP addresses of up to 3 DNS servers that the DHCP clients can
use for looking up domain names.
Default Route
Enter the default route to be assigned to DHCP clients. The default route
should be on the same subnet as the starting and ending IP addresses.
WINS
Add the IP addresses of one or two WINS servers to be assigned to DHCP
clients.
Exclusion Range
Optionally enter up to 4 exclusion ranges of IP addresses within the starting
IP and ending IP addresses that cannot be assigned to DHCP clients.
Summary of Contents for FortiGate 60R
Page 12: ...Contents 12 Fortinet Inc...
Page 26: ...26 Fortinet Inc Customer service and technical support Introduction...
Page 42: ...42 Fortinet Inc Next steps Getting started...
Page 138: ...138 Fortinet Inc Customizing replacement messages System configuration...
Page 228: ...228 Fortinet Inc Logging attacks Network Intrusion Detection System NIDS...
Page 242: ...242 Fortinet Inc Exempt URL list Web filtering...
Page 256: ...256 Fortinet Inc Configuring alert email Logging and reporting...
Page 260: ...260 Fortinet Inc Glossary...
Page 270: ...270 Fortinet Inc Index...