FortiWiFi 60D (FortiOS 5.6) - bridge WiFi SSID to a VLAN
Hello to all
I got myself a Fortinet FortiWiFi 60D a few days ago. After getting in touch with a FortiGate 100D at work, I thought the interface was quite well thought out. That made me think of buying a FortiGate for home too. I wanted to upgrade my home network with some VLANs and routing/advanced firewalling between them.
In the few days I have had this device, I already found out that you cannot configure VLANs going out on trunk ports AND configure VLAN access ports (traffic for only one of the VLANs - untagged), so I already figured out I need a little managed switch together with the FortiWiFi to get simple access to the VLANs at the FortiWiFi's location. Trunking is absolutely needed because I only have one cable going to another switch (which serves all the upper rooms), and then I only have one cable going to a wireless router serving as AP (wireless & 4 x Eth). But no problem, I will configure all the VLANs on a hardware switch of two (trunk) ports (trunk-switch). I'm using another hardware switch of 4 ports for my incoming connection from my ISP. I'm using it to provide WAN connection to the FortiWiFi, but also to provide direct WAN access to my IPTV-vlan (tn-vlan, Telenet which is the ISP). The IPTVs do need to have direct access to the incoming WAN connection so I'm using a VLAN with 3 access ports (1 WAN in, 2 IPTV out). DMZ is being used as the management-interface, and WAN2 and port 5 are still available.
So far so good... Got my different VLANs, and the only disadvantage of the FortiWiFi up until now is that I cannot combine a trunk port with VLAN access ports, so I need an extra managed switch. But then I want to configure the built-in WiFi (remember, it's a FortiWiFi). I don't have any other Fortinet APs, so I'm just using the built-in one of the FortiWiFi.
I want to create one SSID (Hund49), which in fact will be bridged onto VLAN 10 - cl-vlan. So I want to get my WiFi clients in the same network with the same DHCP server (FortiWiFi at the VLAN interface) as my LAN clients. I didn't find a lot of information on the internet about bridging an SSID on the FortiWiFi (only with managed Fortinet APs). The steps I followed are: creating an SSID, choosing "bridged to AP" as a mode, setting it up with the right VLAN ID. Then trying to couple this SSID to the active (& only) FortiAP profile. When adding it there manually to the SSIDs list, I'm getting an error "Entry not found". In the CLI I'm getting an error too.
I could make a WiFi interface (as shown in the picture), and add a new VLAN just for the WiFi clients (I kept VLAN 20 free for this). But if I do this I also need to include this VLAN 20 on the trunk ports (trunk-switch) because the same VLAN ID is used two switches further as the second WiFi of the house. I'm not seeing how to get the same VLAN on the WiFi as on the trunk ports together.
I must be missing something very stupid, so I hope to get an answer on this forum.
Thanks

