How to -_configure_port_forwarding_using_virtual_host_to_access_devices_on_in...
Fgt forti ap
1. 58
1. Configure the FortiGate WAN 1 and LAN ports
2. Create an internal address range and security policy
3. Set up a wireless network with the FortiAP
4. Results
Setting up a FortiGate and FortiAP to provide wired
and wireless Internet access
This example sets up a FortiAP unit to connect to the Internet using the FortiGate
unit. Wireless and wired users will be on the same subnet and thus can share
network resources.
Internet
LAN
192.168.1.99/24
FortiGate
FortiAP
WAN 1
172.20.120.226
wireless
network
Internal network
2. 59
Step One: Configure the FortiGate
WAN 1 and LAN ports
Go to System > Network > Interface.
Configure the WAN 1 interface to use
DHCP.
Configure the LAN interface to use a static
IP with a DHCP server enabled on it.
3. 60
Step TWO: Create an internal address
range and security policy
Step Three: Set up a wireless network
with the FortiAP
Go to Firewall Objects > Address >
Address.
Create a new address range for the
internal network users.
Connect the FortiAP to the LAN interface.
Go to WiFi Conroller > Managed Access
Points > Managed FortiAP and authorize
the FortiAP.
Go to Policy > Policy > Policy.
Create a security policy allowing users on
the wired network to access the Internet.
4. 61
Go to WiFi Conroller > WiFi Network >
SSID and create a new SSID.
Ensure the Traffic Mode is set to Local
bridge with FortiAP’s Interface.
Go to WiFi Conroller > WiFi Network >
Custom AP Profile.
Select Create New and select My_SSID
for Radio 1 and Radio 2.
5. 62
Go to WiFi Conroller > Managed Access
Points > Managed FortiAP.
Edit the FortiAP in the Wireless Settings
and select MyProfile for the AP Profile.
Go to Log & Report > Traffic Log >
Forward Traffic and verify that wifi users
accessing the internet with the same
security policy as the wired network users.
Have the wifi users connect to My_SSID
and they should be able to surf the
internet. The wireless devices will be in the
same subnet as the internal wired network.
Go to WiFi Controller > Monitor > Client
Monitor to see wifi users and their IP
addresses.
Results