Hello,
Iv been trying for a few days now to set up the fortgate 60D in transparent mode with my wifi AP to get access to the dhcp server / lan network. I have see a lot about creating a soft switch but im unable to make one when the device is set to trans mode. what am i missing from this to get the wifi to talk to the lan do i need to create policies from the internal to wifi and just open that up?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
It sounds more like what you need is a bridge via a software switch, instead of transparent mode.
-Remove *all* references to the wifi and lan interfaces in the firewall configuration: routes, DHCP scopes, policies, etc. -Create New under System > Network > Interfaces, and choose Software Switch as the type
-Select wifi and lan (or their respective names) as the two members, and re-define the firewall's address, DHCP scope, etc.
-Re-craft your firewall policies and any other objects that were associated with wifi or lan previously
OR....
Am I mis-interpreting your question, and are you trying to access a LAN or DHCP server beyond the FortiGate in your internal network?
Regards, Chris McMullan Fortinet Ottawa
Do you have the 60D in transparent mode solely so you can have wireless clients on the same subnet as wired? If so I would have the 60D in NAT mode and create a bridge mode SSID.
so i have a Cisco router and then the Fortinet is in between the Cisco and the switch. I placed the 60d in transparent mode so i the Cisco will still handle the routing and tunnels dhcp and what not. I was using the 60 for anti virus and logging etc. i wanted it to then also act as my wifi controller, So it would sorta act as a 3 port switch wifi to lan or wan port and filter out any thing i wanted to be filtered out. once some one connected to wifi it would send the dhcp request to the wan port where the cisco would hand out the ip.
what i thought i could do is make a soft-switch to the lan and wifi and then and the 60d pass it all to the wan 1 port.
let me know if this is making scene. if there is a better way to do it im down.
Thanks Jay
It's still probably easiest to have the AP plugged into the switch instead of directly into the Fortigate and create a bridge mode SSID.
so if i keep the 60d in trans mode and attach the ap to the switch i can have it connect but what about the local wifi on the 60d it self?
I haven't tested in the lab with a FWF unit however you should be able to select the bridge mode SSID for the local radio profile.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.