Aug 16 2010

Fortigate Dialup VPN Client Gets no DHCP Lease

Published by at 9:39 am under Fortinet

A Fortigate dialup VPN client does not get an IP address even though a DHCP pool has been created and “DHCP-IPsec” is checked in the phase-2 VPN settings. An IPsec ESP error is also raised in the event log.
Setting a static IP does connect the client.
To solve this, add an additional firewall rule that encrypts the DHCP traffic (DHCP only) from the inside to the outside interface. Leave the source and destination addresses set to “any”, as this is a layer 2 issue (the client hasn’t been delivered an IP address yet!).
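The rule described above, sketched in FortiOS CLI form as an added example that is not part of the original post. It assumes the policy-based (`action ipsec`) syntax; the interface names `internal` and `wan1`, the phase-1/phase-2 names `dialup_p1` and `dialup_p2`, and the `#` annotation lines are placeholders and assumptions to adapt to your own configuration.

```fortios
# Phase 2 of the dialup tunnel: the "DHCP-IPsec" checkbox mentioned in the post.
# "dialup_p2" is a placeholder for your existing phase-2 name.
config vpn ipsec phase2
    edit "dialup_p2"
        set dhcp-ipsec enable
    next
end

# Additional encrypt rule for the DHCP exchange, inside -> outside.
# Source and destination stay "all" because the client has no address yet,
# so the service is the only thing narrowing this rule: keep it at DHCP only.
config firewall policy
    # "edit 0" asks for the next free policy ID
    edit 0
        # inside interface (assumed name)
        set srcintf "internal"
        # outside interface (assumed name)
        set dstintf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set action ipsec
        set schedule "always"
        set service "DHCP"
        set inbound enable
        set outbound enable
        # placeholder for your dialup phase-1 name
        set vpntunnel "dialup_p1"
    next
end
```

When reviewing the result, confirm the rule's service list contains nothing but DHCP, since with both addresses set to "all" it is the only restriction on what this rule sends into the tunnel.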


2 Responses to “Fortigate Dialup VPN Client Gets no DHCP Lease”

  1. info on tf2 hacks on 05 Jul 2012 at 9:24 pm

    I absolutely love your blog and find most of your posts to be what precisely I’m looking for. Does one offer guest writers to write content in your case? I wouldn’t mind producing a post or elaborating on a few of the subjects you write in relation to here. Again, awesome blog!

  2. Pete on 13 Mar 2013 at 1:18 pm

    I was struggling with the same problem today. Luckily I found your post – it really helped a lot!
