Wifi Controller Transparent mode

poloblack · ‎04-03-2015

Hello,

Iv been trying for a few days now to set up the fortgate 60D in transparent mode with my wifi AP to get access to the dhcp server / lan network. I have see a lot about creating a soft switch but im unable to make one when the device is set to trans mode. what am i missing from this to get the wifi to talk to the lan do i need to create policies from the internal to wifi and just open that up?

Thanks

Christopher_McMullan · ‎04-03-2015

It sounds more like what you need is a bridge via a software switch, instead of transparent mode.

-Remove *all* references to the wifi and lan interfaces in the firewall configuration: routes, DHCP scopes, policies, etc. -Create New under System > Network > Interfaces, and choose Software Switch as the type

-Select wifi and lan (or their respective names) as the two members, and re-define the firewall's address, DHCP scope, etc.

-Re-craft your firewall policies and any other objects that were associated with wifi or lan previously

OR....

Am I mis-interpreting your question, and are you trying to access a LAN or DHCP server beyond the FortiGate in your internal network?

Regards, Chris McMullan Fortinet Ottawa

Bromont_FTNT · ‎04-03-2015

Do you have the 60D in transparent mode solely so you can have wireless clients on the same subnet as wired? If so I would have the 60D in NAT mode and create a bridge mode SSID.

poloblack · ‎04-03-2015

so i have a Cisco router and then the Fortinet is in between the Cisco and the switch. I placed the 60d in transparent mode so i the Cisco will still handle the routing and tunnels dhcp and what not. I was using the 60 for anti virus and logging etc. i wanted it to then also act as my wifi controller, So it would sorta act as a 3 port switch wifi to lan or wan port and filter out any thing i wanted to be filtered out. once some one connected to wifi it would send the dhcp request to the wan port where the cisco would hand out the ip.

what i thought i could do is make a soft-switch to the lan and wifi and then and the 60d pass it all to the wan 1 port.

let me know if this is making scene. if there is a better way to do it im down.

Thanks Jay

Bromont_FTNT · ‎04-03-2015

It's still probably easiest to have the AP plugged into the switch instead of directly into the Fortigate and create a bridge mode SSID.

poloblack · ‎04-03-2015

so if i keep the 60d in trans mode and attach the ap to the switch i can have it connect but what about the local wifi on the 60d it self?

Bromont_FTNT · ‎04-03-2015

I haven't tested in the lab with a FWF unit however you should be able to select the bridge mode SSID for the local radio profile.

Wifi Controller Transparent mode

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website