FAP 221C multiple bridged and tunneled SSIDs Policy problems
I have the following situation:
I have configured my FAPs that way that some SSIDs are using tunnelmode. To supply internetaccess for these SSIDs I set up a policy saying Incoming "WLAN SSID" -> Outgoing WAN2, all Services, anytime, NAT.
I have a WAN2 Port, which is set up as Standardroute , but has a lower priority then WAN1 which is used for the Desktop PCs. The idea is to use WAN2 for the WLAN Access (tunnel mode), and WAN1 for the PC-Network.
To make the WAN2 Port used by the WLAN-SSIDs (tunnel mode) I additionally configured policyroutes which say that all traffic coming from the SSIDs IP - Ranges have to go out to the Internet via the WAN2 Port / Wan2 Gateway, which works well.
Now, If I would like to set up another SSID, which should use the WAN1 port for the connection to the internet, I did not get access to the WWW. In my opinion it should work, if I a.) set up the SSID in tunnelmode and add a policy which says that this SSID (incoming) should NAT via WAN1 (outgoing), all services, anytime - but it didn't.
Is this kind of configuration possible?
Are multiple SSIDs in tunnel mode and bridged mode supported?
Thanks for your update. I was just going through your config/comments etc. I work on wireless side and am not that familiar with all the features on FGT. From FGT point of view, wireless interface is pretty much similar to a wired interface.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.