Good day,
I am trying to move away from using the FortiGate for DHCP for SSL VPN to using an external Microsoft server but need some advice on doing this.
My current internal network uses 10.0.0.0/21 for DHCP and currently the FortiGate uses an address list to allocate IPs to the SSL VPN from 10.0.3.0/21 which is within the 10.0.0.0/21 subnet.
I recently tried to implement external DHCP using the random subnet 10.1.10.0/24 which I setup on the external DHCP server and when I connected to the SSL VPN, I got an IP from the SSL VPN server but could not route to the 10.0.0./21 subnet.
Did I use the wrong subnet? I investigated the 10.0.0.0/21 subnet, and it looks like 10.0.16.0/21 may be what I should have used but not sure, when moving to an external DHCP are there any routes I need to setup or does the FortiGate handle this? Maybe I need a static route from 10.0.16.0/21 to 10.0.0.0/21?
Thanks in advance I am just learning about subnets and routing.
Julian
I am trying to move away from using the FortiGate for DHCP for SSL VPN to using an external Microsoft server but need some advice on doing this.
My current internal network uses 10.0.0.0/21 for DHCP and currently the FortiGate uses an address list to allocate IPs to the SSL VPN from 10.0.3.0/21 which is within the 10.0.0.0/21 subnet.
I recently tried to implement external DHCP using the random subnet 10.1.10.0/24 which I setup on the external DHCP server and when I connected to the SSL VPN, I got an IP from the SSL VPN server but could not route to the 10.0.0./21 subnet.
Did I use the wrong subnet? I investigated the 10.0.0.0/21 subnet, and it looks like 10.0.16.0/21 may be what I should have used but not sure, when moving to an external DHCP are there any routes I need to setup or does the FortiGate handle this? Maybe I need a static route from 10.0.16.0/21 to 10.0.0.0/21?
Thanks in advance I am just learning about subnets and routing.
Julian