We can manage the Forti-APs in fortigate Transparent Mode ?
@nithish.k@snsin.com,@sanjeevi.s@snsin.com
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Nitish,
Yes, you can manage FortiAPs in FortiGate Transparent Mode. Here are the steps to configure the FortiGate interface to manage FortiAP units:
Enable DHCP Server on the Interface:
Go to Network > Interfaces.
Edit the interface (e.g., port16) that will be used to manage FortiAPs.
In the IP/Network Mask field, enter an IP address for the interface.
Enable DHCP Server with the default settings.
Enable CAPWAP Access:
Go to Network > Interfaces.
Double-click the interface (e.g., port16).
Under Administrative Access, select Security Fabric Connection.
Click OK.
Configure VCI-Match (Optional):
If required, enable the VCI-match feature using the CLI to ensure only devices with a matching VCI name can acquire an IP address from the DHCP server:
shell
config system dhcp server
edit 1
set interface port16
set vci-match enable
set vci-string "FortiAP"
next
end
Enable Automatic FortiAP Discovery and Authorization:
To create a new FortiAP entry automatically when a new FortiAP unit is discovered:
shell
config system interface
edit port16
set allow-access fabric
set ap-discover enable
next
end
To allow FortiGate to authorize a newly discovered FortiAP to be controlled by the FortiGate:
shell
config system interface
edit port16
set allow-access fabric
set auto-auth-extension-device enable
next
end
By following these steps, you can manage FortiAPs even when the FortiGate is operating in Transparent Mode
Ref: https://docs.fortinet.com/document/fortiap/6.4.0/fortiwifi-and-fortiap-cookbook/252439/configuring-t...
Hello Nitish,
Yes, you can manage FortiAPs in FortiGate Transparent Mode. Here are the steps to configure the FortiGate interface to manage FortiAP units:
Enable DHCP Server on the Interface:
Go to Network > Interfaces.
Edit the interface (e.g., port16) that will be used to manage FortiAPs.
In the IP/Network Mask field, enter an IP address for the interface.
Enable DHCP Server with the default settings.
Enable CAPWAP Access:
Go to Network > Interfaces.
Double-click the interface (e.g., port16).
Under Administrative Access, select Security Fabric Connection.
Click OK.
Configure VCI-Match (Optional):
If required, enable the VCI-match feature using the CLI to ensure only devices with a matching VCI name can acquire an IP address from the DHCP server:
shell
config system dhcp server
edit 1
set interface port16
set vci-match enable
set vci-string "FortiAP"
next
end
Enable Automatic FortiAP Discovery and Authorization:
To create a new FortiAP entry automatically when a new FortiAP unit is discovered:
shell
config system interface
edit port16
set allow-access fabric
set ap-discover enable
next
end
To allow FortiGate to authorize a newly discovered FortiAP to be controlled by the FortiGate:
shell
config system interface
edit port16
set allow-access fabric
set auto-auth-extension-device enable
next
end
By following these steps, you can manage FortiAPs even when the FortiGate is operating in Transparent Mode
Ref: https://docs.fortinet.com/document/fortiap/6.4.0/fortiwifi-and-fortiap-cookbook/252439/configuring-t...
Thank you for your response. We will proceed with the suggested steps in our lab and will inform you of the outcomes.@akumar02
Thanks,
Please keep us posted.
Thank you so much.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.