Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
poloblack
New Contributor

Wifi Controller Transparent mode

Hello,

 

Iv been trying for a few days now to set up the fortgate 60D in transparent mode with my wifi AP to get access to the dhcp server / lan network. I have see a lot about creating a soft switch but im unable to make one when the device is set to trans mode. what am i missing from this to get the wifi to talk to the lan do i need to create policies from the internal to wifi and just open that up?  

 

Thanks 

6 REPLIES 6
Christopher_McMullan

It sounds more like what you need is a bridge via a software switch, instead of transparent mode.

 

-Remove *all* references to the wifi and lan interfaces in the firewall configuration: routes, DHCP scopes, policies, etc. -Create New under System > Network > Interfaces, and choose Software Switch as the type

-Select wifi and lan (or their respective names) as the two members, and re-define the firewall's address, DHCP scope, etc.

-Re-craft your firewall policies and any other objects that were associated with wifi or lan previously

 

 

OR....

 

Am I mis-interpreting your question, and are you trying to access a LAN or DHCP server beyond the FortiGate in your internal network?

Regards, Chris McMullan Fortinet Ottawa

Bromont_FTNT
Staff
Staff

Do you have the 60D in transparent mode solely so you can have wireless clients on the same subnet as wired? If so I would have the 60D in NAT mode and create a bridge mode SSID.

poloblack
New Contributor

so i have a Cisco router and then the Fortinet is in between the Cisco and the switch. I placed the 60d in transparent mode so i the Cisco will still handle the routing and tunnels dhcp and what not. I was using the 60 for anti virus and logging etc. i wanted it to then also act as my wifi controller, So it would sorta act as a 3 port switch wifi  to lan or wan port and filter out any thing i wanted to be filtered out. once some one connected to wifi it would send the dhcp request to the wan port where the cisco would hand out the ip. 

 

what i thought i could do is make a soft-switch to the lan and wifi and then and the 60d pass it all to the wan 1 port.

 

let me know if this is making scene. if there is a better way to do it im down.

 

Thanks Jay 

Bromont_FTNT

It's still probably easiest to have the AP plugged into the switch instead of directly into the Fortigate and create a bridge mode SSID.

poloblack
New Contributor

so if i keep the 60d in trans mode and attach the ap to the switch i can have it connect but what about the local wifi on the 60d it self?

 

Bromont_FTNT

I haven't tested in the lab with a FWF unit however you should be able to select the bridge mode SSID for the local radio profile.

Labels
Top Kudoed Authors