Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Serdark54
New Contributor

FortiAP 421E vlan problem

I have successfully completed the VLAN configuration on my FortiGate F100E device with a manageable Netgear switch, and devices connected to the Netgear ports are obtaining IP addresses without any issues. However, I would like to use three out of my six FortiAP devices with VLAN and the other three without VLAN. How can this be achieved?

5 REPLIES 5
mle2802
Staff
Staff

Hi @Serdark54,

You can use tunnel mode SSID for without VLAN traffic and bridge mode to tag VLAN. Please refer to this document for more information "https://community.fortinet.com/t5/FortiAP/Technical-Tip-SSID-Local-bridge-vs-Tunnel-mode/ta-p/272838...

Regards,
Minh

Serdark54
New Contributor

Hi, link is dont work

ebilcari
Staff
Staff

Since you are using a managed switch to connect the APs it's always recommended to use a dedicated VLAN for AP management. It's more secure (management traffic don't mix with user's traffic) and it's easy to troubleshoot in case of problems. For WiFi user's traffic you can than choose to bridge the traffic to the switch port or tunnel it to the WLC/FGT.

Since you have FGT and FAP, using tunnel mode SSIDs is the recommended way since it removes the need of spanning WiFi user's VLANs across the switches and it's easy to configure and troubleshoot.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
Serdark54

FortiAPs were connected to the vlan structure on the Netgear gs724tpv2 managed switch and the ssids were put in tunnel mode, but they still could not receive IP. Since the company was at work, I reset the switch to factory settings and used it without vlan. I'm thinking of doing this again this weekend. I would appreciate it if you could share the guide as a video.

Labels
Top Kudoed Authors