Hello  M02@rt37

In this case the connection will be:

Internet < -- > FortiGate < -- > Switch

 Cisco Router (CCME) < -- > Switch

PC < -- > Cisco IP Phone < -- > Switch

FortiGate, Cisco Router and Cisco IP Phone equipment must be connected to the same switch.

All of the following part of code (CCME Configuration) must be configured on the Fortigat:

ip dhcp excluded-address 10.40.0.1 10.40.0.10

ip dhcp excluded-address 10.45.0.1 10.45.0.10

!

ip dhcp pool DATAPOOL

 network 10.40.0.0 255.255.255.0

 default-router 10.40.0.1

!

ip dhcp pool VOICEPOOL

 network 10.45.0.0 255.255.255.0

 default-router 10.45.0.1

 option 150 ip 10.40.0.1

But there will be a problem with default-router 10.40.0.1 because 10.40.0.1 is the address of the sub router interface, the PCs will not have internet!!!

CCME:

interface GigabitEthernet0/0.40

 encapsulation dot1Q 40

 ip address 10.40.0.1 255.255.255.0

 no ip route-cache

!

interface GigabitEthernet0/0.45

 encapsulation dot1Q 45

 ip address 10.45.0.1 255.255.255.0

 no ip route-cache

!

Best regards,

I dont know what is relate of op150 with internet.

If pc can not access internet then issue is in NAT not tftp.

MHM

The problem is linked to the default-router 10.40.0.1, if we put the gateway 10.45.0.1, that is to say that all the equipment will look for GigabitEthernet0/0.45 as a gateway while the IP Phone must look for 10.45.0.1 (Router Interface) but PCs must fetch 10.45.0.254 (Fortigat Interface) to go to the Internet.

best regards,

Friend it different subnet'

You can put iphone gw (make it ip of forti) different than gw for pc.

MHM