- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiAP's on 3rd party switch
I need to connect a Forti AP through a Dell switch
I have 2 x fortiswitches with several working AP's, 2x SSID's all fine.
I setup a physical port which connects my Dell switch to my Edge switch stack and the fortiAP is online and given the correct DHCP address i setup.
But I cannot get DHCP to work on the SSID's of this AP.
Do i need to recreate VLANS? as I tried this and nobody could connect on any AP and was giving random 169.xxx addressed.
When i try and connect to either SSID on the not working AP - i get a 169 address.
I need it to see the VLANS on the fortlink - but dont know how to do this or if it can? thats why i think i need to recreate them?
Thanks
- « Previous
-
- 1
- 2
- Next »
Created on ‎11-29-2024 02:26 AM Edited on ‎11-29-2024 02:32 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, and the VLAN used for AP management should have enabled 'Security Fabric Connection'.
The VLAN ID can also have the same ID with the VLANs used in Fortilink but they will not be related at all so it would be better to use other IDs to avoid the confusion.
As mentioned earlier you can also use a software switch to combine all this networks to a single subnet, but that involves configuration changes and doesn't fit every deployment due to performance limitation. In the example below there are 3 type of interfaces: sub/interface VLAN, a Fortilink VLAN and a SSID in the same software switch and they are using the same subnet:
If you have found a solution, please like and accept it to make it easily accessible for others.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the second I change the native VLAN on the switch to the VLAN created in fortigate, the AP drops offline.
any ideas?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can try to reboot the AP by cutting PoE, so it can receive an IP from the new subnet. Also make sure on the switch configuration to have the VLAN as access on the port when the AP is connected and allow it in the trunk/uplink port with the FGT.
If you have found a solution, please like and accept it to make it easily accessible for others.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So set the managed AP VLAN attached to the physical interface an access port on the DELL switch?
as it's currently a trunk port?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I meant to set the AP management VLAN as the native/PVID/untagged VLAN in the port. Every vendor like to put a different name on this :)
If you have found a solution, please like and accept it to make it easily accessible for others.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The second i change the untagged native VLAN from the Fortilink VLAN to the Phyiscal interface untagged VLAN the AP goes offline
Just dont understand why
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You need to isolate the problem:
- at L2 level, verify that the switch learns the MAC addresses of the AP and the FGT on the new VLAN.
- at L3 level, verify that the AP has received a new IP from DHCP and the new subnet, AP should be pinged by FGT. Verify AP configuration if it has any static IP configured.
- CAPWAP tunnel troubleshoot, like shown in this article.
If you have found a solution, please like and accept it to make it easily accessible for others.

- « Previous
-
- 1
- 2
- Next »