FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
This article describes the procedure to convert an SSID from tunnel mode to bridge mode on a FortiGate device. The need for this change can arise due to various reasons, such as network topology modifications or specific operational requirements.
Scope
FortiAP.
Solution
Steps to convert SSID from tunnel mode to bridge mode:
Conversion of tunnel SSID to bridge mode: It is possible to modify an existing tunnel mode SSID to bridge mode using the FortiGate CLI.
set local-bridging enable
Modification of AP profile settings:
By default, certain AP profiles may be set to broadcast only tunnel mode SSIDs.
It is necessary to modify these settings to include all SSIDs. To modify this setting, follow these steps:
Select the in-use FortiAP Profile and go into edit mode.
From the SSID option change this from Tunnel to Manual and select all the SSIDs. It is necessary to advertise including tunnel mode and bridge mode SSIDs available on the right side of the menu.
Select 'Ok' at the bottom to save changes.
Addressing DHCP pool exhaustion:
After converting the SSID to bridge mode and attempting a connection, there may be instances where devices do not obtain an IP address. One potential reason is the exhaustion of the DHCP IP pool.
Verify the DHCP settings on the FortiGate interface associated with the bridged SSID.
Following the above steps, it is feasible to ensure that the SSID operates in bridge mode and that devices connected to this SSID can obtain an IP address and access the internet. Monitoring the new configuration is recommended to ensure operational continuity.
