Configuration for Creating Separate 2.4GHz and 5GHz SSIDs on FortiGate 61e
Hi All ! I recently acquired a FortiGate 61e firewall and have restored it to factory default settings. I am currently using a FortiGate 61e firewall with the following details:
FortiGate model: FortiGate 61e.
FortiGate Version: 7.4.0 build 2360
FortiGate address: 192.168.1.1 (changed from 192.168.1.99)
I am interested in creating two separate Wi-Fi networks on this FortiGate device. Specifically, I would like to have one SSID operating on the 2.4GHz frequency and another SSID on the 5GHz frequency. However, both networks should exist within the same LAN, using the 192.168.1.X IP range and sharing the same DHCP server.
1. SSID 2.4GHz - 192.168.1.X
2. SSID 5GHz - 192.168.1.X
I would appreciate guidance on how to set up this configuration from scratch, including the steps to create the necessary FortiAP profileand any other guidance on how to configure this setup on my FortiGate 61e. I appreciate any instructions, recommendations, or best practices that can help me achieve this goal.
To create two separate Wi-Fi networks on your FortiGate 61e, operating on the 2.4GHz and 5GHz frequencies respectively, while both networks exist within the same LAN and use the 192.168.1.X IP range, you can follow these steps:
1. Connect to the FortiGate web interface: Open a web browser and enter the IP address of your FortiGate (192.168.1.1) in the address bar.
2. Log in: Enter your administrator credentials to log in to the FortiGate web interface.
3. Configure the wireless interface: a. Go to "System > Network > Interfaces." b. Click on the "Create New" button. c. Select "Wireless" as the interface type. d. Give a name to the interface, e.g., "WiFi-2.4GHz." e. Configure the desired IP address and subnet mask, e.g., 192.168.1.2/24. f. Enable DHCP server on this interface if you want to provide IP addresses to wireless clients. g. Save the interface configuration.
4. Configure the wireless SSIDs: a. Go to "WiFi & Switch Controller > SSID." b. Click on the "Create New" button. c. Configure the SSID for the 2.4GHz network, e.g., "SSID-2.4GHz." d. Select the "WiFi-2.4GHz" interface you created in the previous step. e. Configure other settings such as authentication method (WPA2-PSK, etc.), encryption, and any other desired parameters. f. Save the SSID configuration.
5. Repeat step 4 to create another SSID for the 5GHz network, e.g., "SSID-5GHz," selecting the appropriate wireless interface (e.g., "WiFi-5GHz").
6. Configure the FortiAP profile: a. Go to "WiFi & Switch Controller > FortiAP Profiles." b. Click on the "Create New" button. c. Give a name to the FortiAP profile, e.g., "FortiAP-Profile." d. Under the "WiFi Bands" section, select the appropriate bands for each SSID (2.4GHz for "SSID-2.4GHz" and 5GHz for "SSID-5GHz"). e. Configure other settings as needed, such as transmit power, channel selection, etc. f. Save the FortiAP profile.
7. Apply the FortiAP profile to the wireless interfaces: a. Go to "WiFi & Switch Controller > FortiAP > Managed FortiAP." b. Select the "WiFi-2.4GHz" interface. c. Under the "FortiAP Profile" section, select the "FortiAP-Profile" you created. d. Apply the profile to the interface. e. Repeat the same steps for the "WiFi-5GHz" interface, applying the same FortiAP profile.
8. Verify and test: a. Connect your wireless devices to the respective SSIDs (2.4GHz or 5GHz). b. Ensure that the devices obtain IP addresses from the DHCP server and can communicate with other devices on the LAN (192.168.1.X network).
By following these steps, you should be able to create two separate Wi-Fi networks on your FortiGate 61e, operating on the 2.4GHz and 5GHz frequencies, while sharing the same LAN and DHCP server. Make sure to adjust the settings according to your specific requirements.
As you are using FWF internal radio, bridge mode is not an option. You have to configure only Tunnel mode SSID.
In Network Interfaces, create a Soft Switch Interface, configure IP & DHCP and you need to add both these tunnel SSID under same software switch. Wireless clients connecting to these two tunnel SSID will receive IP from same network.
Here is the document to create software switch and add tunnel interface under it.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.