Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Serdark54
New Contributor

Created on ‎11-11-2023 11:03 AM

FortiAP 421E vlan problem

I have successfully completed the VLAN configuration on my FortiGate F100E device with a manageable Netgear switch, and devices connected to the Netgear ports are obtaining IP addresses without any issues. However, I would like to use three out of my six FortiAP devices with VLAN and the other three without VLAN. How can this be achieved?

Labels:
1242
0 Kudos
5 REPLIES 5
mle2802
Staff
Staff

Created on ‎11-11-2023 11:44 AM

Hi @Serdark54,

You can use tunnel mode SSID for without VLAN traffic and bridge mode to tag VLAN. Please refer to this document for more information "https://community.fortinet.com/t5/FortiAP/Technical-Tip-SSID-Local-bridge-vs-Tunnel-mode/ta-p/272838...

Regards,
Minh

1233
0 Kudos
Serdark54
New Contributor

Created on ‎11-11-2023 12:05 PM

Hi, link is dont work

1228
0 Kudos
ebilcari
Staff
Staff

Created on ‎11-12-2023 01:30 AM

Since you are using a managed switch to connect the APs it's always recommended to use a dedicated VLAN for AP management. It's more secure (management traffic don't mix with user's traffic) and it's easy to troubleshoot in case of problems. For WiFi user's traffic you can than choose to bridge the traffic to the switch port or tunnel it to the WLC/FGT.

Since you have FGT and FAP, using tunnel mode SSIDs is the recommended way since it removes the need of spanning WiFi user's VLANs across the switches and it's easy to configure and troubleshoot.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
1191
0 Kudos
Serdark54
New Contributor
In response to ebilcari

Created on ‎11-14-2023 12:56 AM

FortiAPs were connected to the vlan structure on the Netgear gs724tpv2 managed switch and the ssids were put in tunnel mode, but they still could not receive IP. Since the company was at work, I reset the switch to factory settings and used it without vlan. I'm thinking of doing this again this weekend. I would appreciate it if you could share the guide as a video.

1165
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.