I have a FortiGate 80F. Right now we have it set up so that internal1 is our LAN access and uses WAN1 by default, with a link monitor set up to fail over to WAN2 if WAN1 goes down and then move back to WAN1 when the link is restored.
On internal 2, I have my Cisco Meraki switch plugged in. The Meraki setup currently has 3 different SSIDs broadcasting. Through a policy route in the FortiGate, Internal2 gets internet access through WAN2 with a failover to WAN1, same way as above just in reverse.
What I am trying to accomplish now is, through that single port, to allow SSID1 and SSID2 to use WAN1 by default and fail over to WAN2 during an outage, while keeping SSID3 in the configuration already in place on Internal2 (WAN2, then WAN1 as backup). SSID1 and SSID2 cannot be allowed to talk to other networks for PCI compliance. These are credit card pinpad readers on SSID1 and 2.
Is the best way to go a single-cable setup and some kind of VLAN tagging? Or would it be better to set up another port on the Meraki to be how SSID1 and 2 go out, then I can just run a cable to our LAN switch, which would essentially achieve the same thing because LAN is already set up with WAN1-->WAN2 failover.
Any tips or best-practice suggestions will be greatly appreciated!