Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
GabrielAuYong_FTNT
Staff
Staff

Created on ‎11-17-2011 05:07 PM Edited on ‎12-27-2021 05:01 AM By Community Manager

Article Id 195412

Technical Tip: Replacing TM UniFi router with FortiWiFi

Description

This article explains how to replace a TM UniFi Router with a FortiWiFi 80CM.

TM UniFi (http://www.unifi.my) is a bundled triple play service from Telekom Malaysia offering High Speed Internet, HyppTV (IPTV) and Voice.


Scope

FortiWiFi


Solution

FortiWiFi 80CM interface:

gauyong_FD33377_photo1.jpg

Initial Configuration Steps:

 

 

1.       Connect your PC's network card to LAN port 1 of the FW80CM internal interface.

2.       Set your PCs IP address to 192.168.1.100 with a subnet mask of 255.255.255.0.

3.       Open up your web browser and head over to https://192.168.1.99

4.       The default login for this switch is the username 'admin' with a blank password.

 

 

 

VLAN Configuration Steps:

 

 

It's now time to begin the configuration of the VLANs. Please note that I've written this guide with this particular configuration in mind :

 

 
  • WAN1 of the FW80CM will be connected to the BTU
  • DMZ of the FW80CM will be connected to the IPTV STB
  • LAN port 1~6 of the FW80CM will be connected to your PC & network device
  • WiFi of the FW80CM for Laptop with WiFi capable

 

 

 

Note: This guide is written based on FortiOS v4.3 (Steps should be more or less then same for any other MR)

 

 

 

To get your VLAN configuration running, simply follow these settings :

 

 

 

Create a VLAN500 for PPPoE:

1) Go to “System” > “Network” > “Interface”

2) Click "Create New"

3) Follow the settings in the screenshot, and configure your UniFi username & password accordingly:

 

gauyong_FD33377_photo2.jpg

 

 

 

 

Create a VLAN600 for IPTV (ignore this step if you not plan to use IPTV):

1) Go to “System” > “Network” > “Interface”

2) Click "Create New"

3) Follow the settings in the screenshot

 

 

gauyong_FD33377_photo3.jpg

 

 

 

 

Configure firewall policy for internal/WiFi to PPPoE interface:

1)      Purge all the default firewall policies, it’s not applicable in this case

2)      Internal to PPPoE:

gauyong_FD33377_photo4.jpg

3)      WiFi to PPPoE:

 

gauyong_FD33377_photo5.jpg

 

 

 

 

Configure bridge connection for IPTV (Ignore this steps if you not plan to use IPTV):

 

 

1)      Enable VDOM (Virtual Domain) via System Status
gauyong_FD33377_photo6.jpg

2)      Go to System > VDOM > VDOM, create a new VDOM “iptv”
- make sure Operation Mode is “Transparent”, configure dummy IP for Management IP & Default Gateway
gauyong_FD33377_photo7.jpg

3)      Go to “System” > “Network” > “Interface”, change VDOM for “wan.iptv” &” dmz” port
gauyong_FD33377_photo9.jpg

4)      Switch current VDOM to “iptv”:
gauyong_FD33377_photo10.jpg

5)      Create inbound & outbound firewall policy for “wan.iptv” & “dmz”
gauyong_FD33377_photo11.jpg

6)      Switch the VDOM to Global, go to “System” > “Dashboard” > “Status”, you will see a java base CLI console:
gauyong_FD33377_photo12.jpg

7)      Type the command given below to enable bypass multicast policy:
config vdom
edit iptv
config system settings

             set multicast-skip-policy enable

       end

 

 

 

Note: Don’t forget to secure your WiFi, default ESSID is “Fortinet” without encryption

fw80cm-config.conf
12985
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.