Hello to all
I got myself a Fortinet FortiWiFi 60D a few days ago. After getting in touch with a Fortigate 100D at work, I thought the interface was quite well thought out. That made me think to buy a Fortigate for home too. I wanted to upgrade my home network with some VLANs and routing/advanced firewalling between them.
In the few days I have had this device, I already found out that you cannot configure VLANs going out on trunk ports AND configure VLAN access ports (traffic for only one of the VLANs - untagged), so I already figured out I need a little managed switch together with the FortiWiFi to get simple access to the VLANs at the FortiWiFi's location. Trunking is absolutely needed because I only have one cable going to another switch (which serves all the upper rooms), and then I only have one cable going to a wireless router serving as AP (wireless & 4 x Eth). But no problem, I will configure all the VLANs on a hardware switch of two (trunk) ports (trunk-switch). I'm using another hardware switch of 4 ports for my incoming connection from my ISP. I'm using it to provide WAN connection to the FortiWiFi, but also to provide direct WAN access to my IPTV-vlan (tn-vlan, Telenet which is the ISP). The IPTVs do need to have direct access to the incoming WAN connection so I'm using a VLAN with 3 access ports (1 WAN in, 2 IPTV out). DMZ is being used as the management-interface, and WAN2 and port 5 are still available.
So far so good... Got my different VLANs, and the only disadvantage of the FortiWiFi up until now is that I cannot combine trunk ports with VLAN access ports, so I need an extra managed switch. But then I want to configure the built-in WiFi (remember, it's a FortiWiFi). I don't have any other Fortinet APs, so I'm just using the built-in one of the FortiWiFi.
I want to create one SSID (Hund49), which in fact will be bridged onto VLAN 10 - cl-vlan. So I want to get my WiFi clients in the same network with the same DHCP server (FortiWiFi at the VLAN interface) as my LAN clients. I didn't find a lot of information on the internet about bridging an SSID on the FortiWiFi (only with managed Fortinet APs). The steps I followed are: creating an SSID, choosing "bridged to AP" as a mode, setting it up with the right VLAN ID. Then trying to couple this SSID to the active (& only) FortiAP profile. When adding it there manually to the SSIDs list, I'm getting an error "Entry not found". In the CLI I'm getting an error too.
I could make a WiFi interface (as shown in the picture), and add a new VLAN just for the WiFi clients (I kept VLAN 20 free for this). But if I do this I also need to include this VLAN 20 on the trunk ports (trunk-switch) because the same VLAN ID is used two switches further as the second WiFi of the house. I'm not seeing how to get the same VLAN on the WiFi as on the trunk ports together.
I must be missing something very stupid, so I hope to get an answer on this forum.
Thanks
I might be mistaken but WiFi on FortiWiFi doesn't bridge, because bridging was originally developed so that wifi traffic from APs doesn't have to get to the controller but goes directly out to the local LAN the AP is connected to.
I'll wait if someone says NO.
I would guess you would need to create a software switch with the SSID and the trunk ports, since VLANs aren't meant to traverse layer 3.
I haven't worked with the internal WiFi before, only actual APs, but it should work.
An interface can't have any references if it is to be added to a new hardware/software switch, since any policy/IP it has would no longer be relevant in the switch/zone/interface. You have to delete the hardware switch and have both interfaces free. Create a software switch with interface 6, 7, and the SSID.