The purpose of this setup is for unsecured wireless devices to be sent to the VLAN 50 192.168.50.0 network.
I need to be able to route back to 10.0.0.0/24 from 192.168.50.0/24 network. There is a Cisco ASA 5510 configured for the 10.0.0.0/24 network. Switches have been configured with VLAN 50 192.168.50.0/24 tagged and all can be pinged.
Here is the basic flow.
Fortigate v5.4 interface mode, Ubiquiti Unifi Wifi APs
APs are on the 10.0.0.0/24 network, Unifi controller has 10.0.0.201 address.
Fortigate Port 1 LAN has 192.168.30.1 address and VLAN 50 has 192.168.50.1 address.
3 networks – 10.0.0.0/24, 192.168.50.0/24 & 192.168.30.0/34
STEPS
Wireless device gets on the network where Unifi controller puts it on VLAN 50 192.168.50.0/24. Yes
Fortigate assigns IP address to device? Yes
Wireless device needs a voucher from Unifi controller on 10.0.0.201
Fortigate routes to 10.0.0.0/24 network? NO
Picture included