Just took over IT for a new company, never used Fortinet before, limited networking experience. Device is a FortiWifi 61E. Previous tech used generic consumer routers as APs, not sure why.
My goal is to configure a Guest Wifi with internet access but no access to other devices separate, and a bridged network so that I can join devices to our domain over Wifi when needed. I've tried a bunch of stuff, nothing's worked.
I've been trying to just to get a test network up, no matter what I try I never get and SSID to broadcast. I've dug through the CLI a bit, but still can't find a problem. Here is what I think is relevant, let me know if I'm missing something. Any help would be appreciated.
config wireless-controller inter-controller set inter-controller-mode disable set inter-controller-key [Nope] set inter-controller-pri primary set fast-failover-max 10 set fast-failover-wait 10 end config wireless-controller global set name '' set location '' set local-radio-vdom "root" set max-retransmit 3 set data-ethernet-II disable set link-aggregation disable set mesh-eth-type 8755 set fiapp-eth-type 5252 set discovery-mc-addr 224.0.1.140 set max-clients 0 set rogue-scan-mac-adjacency 7 set ipsec-base-ip 169.254.0.1 set ap-log-server disable set ap-log-server-ip 0.0.0.0 set ap-log-server-port 0 end config wireless-controller vap edit "wifi" set vdom "root" set fast-roaming enable set external-fast-roaming disable set mesh-backhaul disable set max-clients 0 set ssid "Guest Test" set broadcast-ssid enable set security wpa2-only-personal set pmf disable set voice-enterprise disable set fast-bss-transition disable set radius-mac-auth disable set encrypt AES set intra-vap-privacy disable set schedule "none" set ldpc rxtx set mpsk disable set local-standalone disable set local-bridging disable set split-tunneling disable set vlanid 0 set multicast-rate 0 set multicast-enhance disable set broadcast-suppression dhcp-up arp-known set me-disable-thresh 32 set probe-resp-suppression disable set vlan-pooling disable set gtk-rekey disable set qos-profile '' unset rates-11a unset rates-11bg unset rates-11n-ss12 unset rates-11n-ss34 unset rates-11ac-ss12 unset rates-11ac-ss34 set passphrase [Nope] next edit "Internal" set vdom "root" set fast-roaming enable set external-fast-roaming disable set mesh-backhaul disable set max-clients 0 set ssid "Domain Int" set broadcast-ssid enable set security wpa2-only-personal set pmf disable set voice-enterprise disable set fast-bss-transition disable set radius-mac-auth disable set encrypt AES set intra-vap-privacy disable set schedule "always" set ldpc rxtx set mpsk disable set local-standalone disable set local-bridging enable set local-authentication disable set vlanid 0 set multicast-rate 0 set multicast-enhance disable unset broadcast-suppression set me-disable-thresh 32 set probe-resp-suppression disable set vlan-pooling disable set gtk-rekey disable set qos-profile '' unset rates-11a unset rates-11bg unset rates-11n-ss12 unset rates-11n-ss34 unset rates-11ac-ss12 unset rates-11ac-ss34 set passphrase ENC [Nope] next end config system switch-interface edit "lan" set vdom "root" set member "internal" set type switch set intra-switch-policy implicit set span disable next end config system lte-modem set status disable set extra-init '' set authtype none set apn '' set modem-port 255 end config system interface edit "wan1" set vdom "root" set fortilink disable set mode dhcp set distance 5 set priority 0 set dhcp-relay-service disable set allowaccess ping fgfm set fail-detect disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set status up set netbios-forward disable set wins-ip 0.0.0.0 set type physical set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections block set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set description '' set alias '' set l2tp-client disable set security-mode none set device-identification disable set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role wan set snmp-index 1 set preserve-session-route disable set auto-auth-extension-device disable set ap-discover enable config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set dhcp-client-identifier '' set defaultgw enable set dns-server-override enable set speed auto set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable next edit "wan2" set vdom "root" set fortilink disable set mode dhcp set distance 5 set priority 0 set dhcp-relay-service disable set allowaccess ping capwap set fail-detect disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set status up set netbios-forward disable set wins-ip 0.0.0.0 set type physical set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set description '' set alias '' set l2tp-client disable set security-mode none set device-identification disable set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role undefined set snmp-index 2 set preserve-session-route disable set auto-auth-extension-device disable set ap-discover enable set fortilink-stacking enable config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set dhcp-client-identifier '' set defaultgw enable set dns-server-override enable set speed auto set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable next edit "dmz" set vdom "root" set fortilink disable set mode static set dhcp-relay-service disable set ip 192.168.250.1 255.255.255.248 set allowaccess ping capwap set fail-detect disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set status down set netbios-forward disable set wins-ip 0.0.0.0 set type physical set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections block set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set description '' set alias '' set l2tp-client disable set security-mode none set device-identification enable set device-user-identification enable set device-access-list '' set lldp-transmission vdom set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role undefined set snmp-index 3 set secondary-IP disable set preserve-session-route disable set auto-auth-extension-device disable set ap-discover enable set fortilink-stacking enable config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set speed auto set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable next edit "modem" set vdom "root" set fortilink disable set mode pppoe set distance 5 set priority 0 set dhcp-relay-service disable unset allowaccess set arpforward enable set broadcast-forward disable set l2forward disable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set netbios-forward disable set wins-ip 0.0.0.0 set type physical set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set proxy-captive-portal disable set tcp-mss 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set security-mode none set device-identification disable set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role undefined set snmp-index 6 set preserve-session-route disable set auto-auth-extension-device disable set ap-discover enable set ipunnumbered 0.0.0.0 set username '' set password ENC [Nope] set idle-timeout 0 set disc-retry-timeout 1 set padt-retry-timeout 1 set service-name '' set ac-name '' set lcp-echo-interval 5 set lcp-max-echo-fails 3 set defaultgw enable set dns-server-override enable set auth-type auto set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable next edit "wifi" set vdom "root" set mode static set dhcp-relay-service disable set ip 192.168.7.1 255.255.255.0 unset allowaccess set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set status up set netbios-forward disable set wins-ip 0.0.0.0 set type vap-switch set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set ingress-spillover-threshold 0 set external disable set description '' set alias '' set l2tp-client disable set device-identification enable set device-user-identification enable set device-access-list '' set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set role lan set snmp-index 9 set secondary-IP disable set preserve-session-route disable config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set macaddr 00:00:00:00:00:00 set mtu-override disable next edit "lan" set vdom "root" set fortilink disable set mode static set dhcp-relay-service disable set ip 10.1.19.100 255.255.255.0 set allowaccess ping https ssh http fgfm capwap set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set status up set netbios-forward disable set wins-ip 0.0.0.0 set type switch set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections block set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set description '' set alias '' set l2tp-client disable set security-mode none set device-identification enable set device-user-identification enable set device-access-list '' set lldp-transmission vdom set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role lan set snmp-index 10 set secondary-IP disable set preserve-session-route disable set auto-auth-extension-device disable set ap-discover enable set fortilink-stacking enable config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable next edit "internal" set vdom "root" set fortilink disable set priority 0 set pptp-client disable set arpforward enable set bfd global set l2forward disable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set subst disable set status up set type hard-switch set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set external disable set description '' set alias '' set security-mode none set stp enable set stp-ha-slave priority-adjust set lldp-transmission vdom set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set role undefined set snmp-index 8 set preserve-session-route disable set ap-discover enable set dhcp-client-identifier '' set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable config l2tp-client-settings set user '' set password ENC [Nope] set peer-host '' set peer-mask 255.255.255.255 set peer-port 1701 set auth-type auto set mtu 1460 set distance 2 set priority 0 set defaultgw disable end next edit "Local LAN" set vdom "root" set mode static set dhcp-relay-service disable set ip 192.168.1.1 255.255.255.0 set allowaccess ping https snmp http set fail-detect disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set status up set netbios-forward disable set wins-ip 0.0.0.0 set type vlan set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set description '' set alias '' set l2tp-client disable set security-mode none set device-identification enable set device-user-identification enable set device-access-list '' set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role lan set snmp-index 4 set secondary-IP disable set preserve-session-route disable set ap-discover enable set color 0 config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable set interface "lan" set vlanid 10 next edit "WIRLESS" set vdom "root" set mode static set dhcp-relay-service disable set ip 172.16.1.1 255.255.255.0 set allowaccess ping https snmp http set fail-detect disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set subst disable set substitute-dst-mac 00:00:00:00:00:00 set status up set netbios-forward disable set wins-ip 0.0.0.0 set type vlan set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set spillover-threshold 0 set ingress-spillover-threshold 0 set weight 0 set external disable set description '' set alias '' set l2tp-client disable set security-mode none set device-identification enable set device-user-identification enable set device-access-list '' set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set vrrp-virtual-mac disable set role lan set snmp-index 5 set secondary-IP disable set preserve-session-route disable set ap-discover enable set color 0 config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set mtu-override disable set wccp disable set drop-overlapped-fragment disable set drop-fragment disable set interface "lan" set vlanid 172 next edit "Internal" set vdom "root" set mode static set dhcp-relay-service disable set ip 0.0.0.0 0.0.0.0 unset allowaccess set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward disable set stpforward disable set ips-sniffer-mode disable set ident-accept disable set ipmac disable set status up set netbios-forward disable set wins-ip 0.0.0.0 set type vap-switch set netflow-sampler disable set sflow-sampler disable set scan-botnet-connections disable set src-check enable set sample-rate 2000 set polling-interval 20 set sample-direction both set explicit-web-proxy disable set explicit-ftp-proxy disable set proxy-captive-portal disable set tcp-mss 0 set inbandwidth 0 set outbandwidth 0 set ingress-spillover-threshold 0 set external disable set description '' set alias '' set l2tp-client disable set device-identification disable set fortiheartbeat disable set estimated-upstream-bandwidth 0 set estimated-downstream-bandwidth 0 set role lan set snmp-index 12 set secondary-IP disable set preserve-session-route disable config ipv6 set ip6-mode static set nd-mode basic unset ip6-allowaccess set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-hop-limit 0 set dhcp6-prefix-delegation disable set dhcp6-information-request disable set ip6-address ::/0 set ip6-send-adv disable set autoconf disable set dhcp6-relay-service disable end set macaddr 00:00:00:00:00:00 set mtu-override disable next end config system physical-switch edit "sw0" set age-enable disable set age-val 0 next end config system virtual-switch edit "internal" set physical-switch "sw0" set span disable config port edit "internal1" set speed auto set status up set alias '' next edit "internal2" set speed auto set status up set alias '' next edit "internal3" set speed auto set status up set alias '' next edit "internal4" set speed auto set status up set alias '' next edit "internal5" set speed auto set status up set alias '' next edit "internal6" set speed auto set status up set alias '' next edit "internal7" set speed auto set status up set alias '' next end next end
Solved! Go to Solution.
FAP221E supports PoE. It can also be powered up via External Power Source and you can the Ethernet via Non-PoE Switch.
Balaji
Solved my problem, I'm looking at expanding our network. Do the access points need PoE, specifically FAP-221E? Or can I plug them into an outlet and run the ethernet from a non-PoE switch?
FAP221E supports PoE. It can also be powered up via External Power Source and you can the Ethernet via Non-PoE Switch.
Balaji
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.