WLAN and LAN on Same Subnet

TopJimmy · ‎01-07-2009

Stupid question: I' d like the wifi network and wired network to be on the same subnet (like a crappy linksys router) and have the Fortigate dish out addresses from that subnet (dhcp). Can I do that on the FWF-60B?

-TJ

rwpatterson · ‎01-07-2009

You could place both the WiFi and internal into a zone, and configure them that way. They would have different subnet masks, but you would only need to set up one set of policies.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

TopJimmy · ‎01-08-2009

thanks, but both would have to be on the same subnet due to limitations of the software (example: iTunes library sharing). I ended up running a cable and not using wireless for this project.

-TJ

rwpatterson · ‎01-08-2009

There is a CLI switch to allow subnet overlap, which should permit you to use the same subnet on both interfaces, but routing would be another bear... Another option would be to use half-nets....255.255.255.128. For example: internal 192.168.1.1/255.255.255.128, and WLAN 192.168.1.129/255.255.255.128. The Fortigate would treat them as separate for routing purposes, but the PCs would still be in the same class C subnet. I made up the ' half-net' term, but it works for me ;-) Good luck

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Report Inappropriate Content · ‎01-29-2009

I have the same problem I want to have wifi network and wired network in the same subnet. Now I use an other Linksys wifi router. I donâ€™t want to do a complicate configuration just to put the wifi network and wired network in the same subnet. It must to be the same subnet by default. Thanks

Report Inappropriate Content · ‎01-30-2009

I do not know if works but try like this: 1 vdom (transparnet) vdomlink, internal, wlan 2. vdom nat vdomlink,wan or you can enable in system settings (cli) allow-subnet-overlap enable

FortiRack_Eric · ‎01-30-2009

You cannot use vdomlinks in transparant mode. But boys, the network design is wrong, don' t try to fix the proposed problem. wireless and fixed should have 2 seperate network ip' s. Then provide static nat' s and firewall rules for the itunes library computers. That' s all. Cheers, Eric

Rackmount your Fortinet --> http://www.rackmount.it/fortirack

red_adair · ‎02-22-2009

what you can do is to ' group' your internal and wlan interface into a new virtual Interface - this feature is called " switchgroup" After that you have a new " virtual" Interface (lets say ' LAN' ) and the other 2 disappear. So you than run your DHCP, routing, policies etc on that new virtual Interface.

 config system switch-interface
  edit " LAN" 
   set member " internal1"  " wlan"

-R.

Report Inappropriate Content · ‎03-22-2009

Where I find this feature " switchgroup" ?

rwpatterson · ‎03-22-2009

I believe it' s on V4 firmware version only...

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

WLAN and LAN on Same Subnet

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website