Hello all, hoping someone has an idea to help me out on this config issue.

I have a full Fortinet setup between 2 buildings connected via fiber.  No issue.  FTG in HA and 5 48 port switches all managed on the FTG.

My addition (and problem) is adding my 3rd building to get phone service (have FortiVoice onsite.)

Building 1 and 3 are linked via a UBNT wireless bridge.  The bridge is configured and great signal strength and throughput.

Where my primary problem lies, is in VLAN1 where the switch controller is running.  It appears UBNT does not allow VLAN1 traffic over the bridge and maybe using it for its own controller type use. I can live with that, and covert to stand alone on the remote switch if I had to.

My network layout:

Vlan28 (data)

Vlan29 (voip)

Vlan49 (data2)

Vlan50 (public traffic)

(B1) FTG -> S3 -> UBNT AP ------ wireless bridge ---- > UBNT Client AP -> 108E (B3)

B1S3 (Building 1, Switch 3) is connected on port 45 (set as static trunk, native vlan1, allow all) to the wireless bridge.

B3S1 is connected on port 8 (108E switch) (set as static trunk, native vlan1, allow all) to the wireless bridge.

Where my problem lies, I can never get the switch to connect to the FTG for switch control. (over the bridge).  I can get vlan50 traffic across as well as vlan49 with DHCP setup. (with setting native vlan on ports assigned to the device)

What doesn't work is vlan29 (port6) with DHCP. My FortiFone will not get an IP from the FTG, however, if I set static, it did connect once, then after reboot, it doesn't work. On port7 I have an ATA device, using vlan29 on a static config and it works.  Port 6 and 7 are configured exactly the same.  From B1 over the bridge, I can ping the device on port7 but not port6.

It's a mess, I know.  I see 2 issues.  My vlan1 not talking and the issue with vlan29 and I think it will apply to vlan28 as well, not talking fully across the bridge.

I have not done any captures yet, was hoping I have missed an easy answer here.