Created on 12-03-2021 09:48 AM Edited on 12-03-2021 09:49 AM
This is a newbie question.
I have Fortigate-60D and Pakedge WAP-W3G access point.
I figured out how to connect Fortigate-60D to the internet but cannot find any information how to connect Pakedge WAP-W3G access point to it to get working Wi-Fi.
Could you please provide me some links or information how to configure step-by-step Fortigate-60D to see WAP-W3G?
I see plenty of these used cheap devices on ebay but cannot find any information how to configure them working together.
Current firmware version v5.2.2
Created on 12-04-2021 03:34 AM
the Pakedge seems to be normally manageable through the GUI.
The FGT will not be able to manage the device, as FGT will be a wireless controller only for the FortiAPs. So the FGT and the other device, be it your laptop, router, raspberry PI... will be simply considered as some host or another router.
However, I found a manual on the device on an external site:
It details that you can access the Pakedge WAP-W3Gs interface via IP 192.168.1.250.
So you will need one interface, say internal3, on FGT that connects to the WAP-W3G, maybe set an IP 192.168.1.1. On your PC, you maybe have another IP as 192.168.0.1 on internal1 (just an example). Then you create a firewall policy from internal1 to internal3. Another probably from internal3 to WAN as the WAP-W3G may need internet connectivity.
You should now be able to connect to the 192.168.1.250, provided that is currently its IP address.
You can then configure the Wi-Fi AP and clients connecting to it would go online through the APs that routes traffic to the FGT which in turn routes traffic to wherever, likely internet.
Created on 12-06-2021 10:04 AM
Thank you for your help and suggestions.
I have this manual but it tells nothing about the connection WAP-W3G to Fortigate-60D.
WAP-W3G is just an access point and has to work with a wireless controller.
Fortigate-60D has a wireless controller setup but WAP-W3G is not on the supported AP list.
These 2 devices worked together before, but I cannot figure out how Fortigate-60D was configured before the factory reset.
I only know that AP has to be on a different subnet. Do I need to create VLAN?
I do not understand the idea about the creating an additional firewall policy. Why we need it?
Is it possible that WAP-W3G is compatible with any already listed in setup AP?
Do I need to upgrade firmware?
I am still unsuccessfully trying to get any configuration information.
Thank you for your help.
that Pakedge WAP-W3G is a totally different brand, it won't work with the FortiGate 60D (or any FortiGate on any firmware) as its controller.
also both the 60D and Pakedge WAP-W3G seem pretty old, it is perhaps wise to just invest in some newer stuff that actually works together.
if you are sure the WAP-W3G requires a controller just stop with the 60D as it wont work as a controller. you might be able to run the WAP-W3G standalone, then you can get this to work.
Created on 12-06-2021 10:35 AM
Yes, they are old and not supported officially, anyway, Fortinet tech support does not talk to me without the valid license and forwarded to the sales person.
But, these 2 specific devices are taken from a previously working environment. 100% they worked together.
They are both marked as "pakedgedevice&software inc." on the box.
WAP-W3G will not work as stand alone without a wireless controller. It does not have security/authentication features (passcode, etc.).
Created on 12-06-2021 10:52 AM
Actually you are right, there is a way to set up a passcode.
I opened the old WAP-W3G, did not find any password setup and assumed that the wireless controlled does the authentication.
So, if I just connect WAP-W3G to the Internet, will I get a working Wi-Fi? I should try.
Now I see wireless network, can connect to it but have no Internet. Possible because it is on different subnet. Let me change the subnet and try again. I will let you know the result.
Created on 12-06-2021 11:26 AM Edited on 12-06-2021 11:31 AM
Connected AP to the LAN with Internet directly, can see the Wi-Fi but when connecting see error "could not get IP address".
Cannot figure out what is responsible for providing IP addresses to the wireless clients.
AP LAN is on DHCP.
It looks it has to do something with VLAN.
Created on 12-06-2021 11:51 AM Edited on 12-06-2021 12:05 PM
OK, big progress. I was able to connect to the Internet wirelessly using VLAN 1 wireless network.
Thank you, guys, with your help I am moving to the right directions.
Fortigate-60D is NOT used as a wireless controller.
WAP-W3G IS working as stand alone.
I could not figure it out without your help, Marcus_M and boneyard.
Now I need to figure out how the network was configured previously to restore the old connections to other devices.
let me put together my thoughts and ask you more questions.
The old WAP-W3G VLAN is 6 and Fortigate-60D LAN was 192.168.6.100-200 with DHCP
The old WAP-W3G LAN was 192.168.20.220 (now it is changed to 192.168.1.80) with Gateway 192.168.20.254
Now I need to figure out how to connect WAP-W3G 192.168.20.220 to Fortigate-60D LAN 192.168.6.X
My goal is to restore the original configuration, because some old devices lost the original connection to the Internet.
Should I configure an additional VLAN on Fortigate-60D?
I do not understand, why we need to connect AP to Fortigate-60D on a different subnet?
Do I still need to create a firewall policy for VLAN? And how?
the why i can't answer either, doesnt seem needed to me, but that might be an WAP-W3G thing.
you can indeed add a VLAN to an interface and set it up like that.