Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
7
Replies

DHCP on CCME or Firewall

medzeinmaaloum
Level 1
Level 1

‎11-29-2023 10:00 AM

Good day,

 I have the following network architecture:

Internet < -- > FortiGate < -- > Cisco Router (CCME) < -- > Cisco IP Phone < -- > PC

The DHCP server must be activated on the FortiGate, dose this is possible?

Best regards,

 

Labels:
0 Helpful
7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

‎11-29-2023 10:02 AM

As Long as DHCP Server reachable and helper address configure, Routing in place  does not matter where the DHCP Server can be,

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

MHM Cisco World
VIP
VIP

‎11-29-2023 10:09 AM - edited ‎11-29-2023 10:29 AM

If forti support push 66 and op 150 then you can use it' if it not support these op then your VoIP will not get necessary info to work.

MHM

0 Helpful

M02@rt37
VIP
VIP

‎11-29-2023 12:13 PM

Hello @medzeinmaaloum 

Yes you can configure DHCP server on FortiGate and add on it options configuration ; as example option 150 (tftp server)

M02rt37_0-1701288781293.png

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

medzeinmaaloum
Level 1
Level 1
In response to M02@rt37

‎11-29-2023 01:16 PM

Hello  M02@rt37

In this case the connection will be:

Internet < -- > FortiGate < -- > Switch

 Cisco Router (CCME) < -- > Switch

PC < -- > Cisco IP Phone < -- > Switch

 

FortiGate, Cisco Router and Cisco IP Phone equipment must be connected to the same switch.

 

All of the following part of code (CCME Configuration) must be configured on the Fortigat:

 

ip dhcp excluded-address 10.40.0.1 10.40.0.10

ip dhcp excluded-address 10.45.0.1 10.45.0.10

!

ip dhcp pool DATAPOOL

 network 10.40.0.0 255.255.255.0

 default-router 10.40.0.1

!

ip dhcp pool VOICEPOOL

 network 10.45.0.0 255.255.255.0

 default-router 10.45.0.1

 option 150 ip 10.40.0.1

 

But there will be a problem with default-router 10.40.0.1 because 10.40.0.1 is the address of the sub router interface, the PCs will not have internet!!!

 

CCME:

interface GigabitEthernet0/0.40

 encapsulation dot1Q 40

 ip address 10.40.0.1 255.255.255.0

 no ip route-cache

!

interface GigabitEthernet0/0.45

 encapsulation dot1Q 45

 ip address 10.45.0.1 255.255.255.0

 no ip route-cache

!

Best regards,

 

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to medzeinmaaloum

‎11-29-2023 01:33 PM

I dont know what is relate of op150 with internet.

If pc can not access internet then issue is in NAT not tftp.

MHM

0 Helpful

medzeinmaaloum
Level 1
Level 1
In response to MHM Cisco World

‎11-29-2023 01:47 PM

The problem is linked to the default-router 10.40.0.1, if we put the gateway 10.45.0.1, that is to say that all the equipment will look for GigabitEthernet0/0.45 as a gateway while the IP Phone must look for 10.45.0.1 (Router Interface) but PCs must fetch 10.45.0.254 (Fortigat Interface) to go to the Internet.

best regards,

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to medzeinmaaloum

‎11-29-2023 01:49 PM - edited ‎11-29-2023 01:51 PM

Friend it different subnet'

You can put iphone gw (make it ip of forti) different than gw for pc.

MHM

0 Helpful
Customers Also Viewed These Support Documents