When trying to manage AP via FG-VM, the channel SSID cannot access the Internet.

EdChen · ‎03-02-2025

I am trying a schema as shown in the screenshot.

Currently, when the setting is like this, you can access the Internet normally using bridging, but when using the channel, you can obtain an IP but cannot access the Internet. Checking the AP log, you can see DNS-no-resp.

There are also policies set. Not sure what went wrong.
FG-VM uses the free version.

Stephen_G · ‎03-05-2025

Hello,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Stephen - Fortinet Community Team

adambomb1219 · ‎03-05-2025

Are the policies correct? Can the client access anything? What do you mean "using the channel"?

EdChen · ‎03-05-2025

sorry,I updated, I typed the wrong channel, it should be tunnel.
You can access the Internet normally in bridge mode, but not in tunnel mode.

P3<->mgmt You can ignore it.

EdChen · ‎03-05-2025

The policy is set to all-pass. After connecting to the tunnel ssid, you will not see the policy bytes increase. I have tried to manually set it to 8.8.8.8 OR 8.8.4.4 on the client side, and after connecting, I get DNS-no-resp.
How can I verify the DHCP relay settings and ensure the AP is forwarding traffic correctly?

EdChen · ‎06-04-2025

Later, we gave up using tunnel mode and directly adopted ssid in bridge mode, which is now working normally.
In the formal environment, FGT-VM is used to carry AP and ssid, and routing & VLAN are established on 90G.

When trying to manage AP via FG-VM, the channel SSID cannot access the Internet.

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website