Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
TigerEmperor
New Contributor

FortiWifi60d

Dear all I have a fortiwifi 60d, I form a sofware switch and add a vlan into this software switch, however I notice that when I bind the Wi-Fi into this software switch, it will not use the vlan, how can I turn it into the vlan, thanks.
1 Solution
wanglei_FTNT

Hi Jared,

 

FWF wireless traffic is already handled locally from FGT point of view even it's called tunnel mode.  

 

Lei

View solution in original post

21 REPLIES 21
bravishank_FTNT

Have you added the VLAN ID to the Wifi Interface ? 

Balaji

TigerEmperor

Sorry, I just login back the fortigate. I can not see the vlan option in the wifi.

TigerEmperor

Anyone know how can I set it to use the vlan for wifi? I open a software switch named lan, and create a vlan in this software switch, then put the wifi into this software switch. The wifi got the IP of software switch only not the vlan.

TigerEmperor

Do this forum has Fortigate official technical to answer or no one use Fortigate any more now?
Sidewaysguy

Hey there,

 

What you are seeing is the default behavior of a software switch.  IP info assigned to a software switch overrides ip info on any interface added to a software switch. 

 

As a side note, you may want to strengthen your Google Fu a little bit as my first query pulled up:  https://docs.fortinet.com/uploaded/files/1671/assigning-wireless-users-to-different-networks-using-d...   While that may or may not be what you are looking for, there is a ton of documentation out there with examples before getting snippy in a forum.

 

Cheers,

 

Sidwaysguy

TigerEmperor

Hi Sidwaysguy Good Morning. I have search google before and find the about doc, it seem a external ap with controller I want the vlan assign to local device SSID, I see it in a company, but I can not set it myself. I used to guess it is a problem of tunnel mode or brigh mode but seem not.
Sidewaysguy

Hi there,

 

Do you have the vlan already configured on switches in the environment?  If so then using Bridge mode, you can specify the VLAN.  At that point, the port that the AP is plugged into will need to have that tag as an allowed VLAN for the SSID to bridge to the LAN.

TigerEmperor

Thanks Sidewaysguy.

No. I am not using the external AP, I am using the internal AP Feature.

 

 

Software Switch=lan

Role=lan

Vlan Interface=Vlan123

Wifi=tunnel mode (Builtin in Fortigate)

Wifi attached interface=lan

 

My software switch IP (192.168.10.28), DHCP=192.168.10.51-192.168.10.100

My Vlan interface IP (192.168.123.28), DHCP=192.168.123.51-192.168.123.100

 

The connected device (example: iphone) get the IP 192.168.10.51, but I want it get 192.168.123.51. How can I set it? I can not find the vlan option in wifi. Thanks.

Sidewaysguy

I think you may be missing what I said above.... Have you tried configuring the SSID in bridge mode and specifying the VLAN there.  As well, also noted above is that with a Software Switch, any IP configuration will override any interfaces' configuration that is added to the Software Switch.  I haven't specifically tested your scenario, but  i would see that would still apply. 

 

Besides, just wanting to accomplish this, if everything is internal to the FortiWifi, why not just leave the SSID as a separate interface and use policy to direct traffic to the other subnets?  You haven't explained why the VLAN interface is actually needed if it's not being tagged on other devices. 

Labels
Top Kudoed Authors