Using a FortiWiFi unit as a client
A FortiWiFi unit by default operates as a wireless access point. But a FortiWiFi unit can also operate as a wireless client, connecting the FortiGate unit to another wireless network.
- Use of client mode
- Configuring client mode
Use of client mode
In client mode, the FortiWiFi unit connects to a remote WiFi access point to access other networks or the Internet. This is most useful when the FortiWiFi unit is in a location that does not have a wired infrastructure.
For example, in a warehouse where shipping and receiving are on opposite sides of the building, running cables might not be an option due to the warehouse environment. The FortiWiFi unit can support wired users using its Ethernet ports and can connect to another access point wirelessly as a client. This connects the wired users to the network using the 802.11 WiFi standard as a backbone.
Note that in client mode the FortiWiFi unit cannot operate as an AP. WiFi clients cannot see or connect to the FortiWifi unit in Client mode.
FortiWiFi unit in Client mode
Using a FortiWiFi unit as a client
FortiGate FortiAP
>))
Wired clients
Configuring client mode
To set up the FortiAP unit as a WiFi client, you must use the CLI. Before you do this, be sure to remove any AP WiFi configurations such as SSIDs, DHCP servers, policies, and so on.
To configure wireless client mode
1. Change the WiFi mode to client.
In the CLI, enter the following commands:
config system global
set wireless-mode client end
Respond “y” when asked if you want to continue. The FortiWiFi unit will reboot.
2. Configure the WiFi interface settings.
For example, to configure the client for WPA-Personal authentication on the our_wifi SSID with passphrase
justforus, enter the following in the CLI:
config system interface edit wifi
set mode dhcp
config wifi-networks edit 0
set wifi-ssid our_wifi
set wifi-security wpa-personal set wifi-passphrase “justforus”
end
end
The WiFi interface client_wifi will receive an IP address using DHCP.
3. Configure a wifi to port1 policy.
You can use either CLI or web-based manager to do this. The important settings are:
Incoming Interface (srcintf) wifi
Source Address (srcaddr) all
Outgoing Interface (dstintf) port1
Destination Address
(dstaddr)
all
Schedule always
Service ALL
Action ACCEPT
Enable NAT Selected
What are the CLI commands to perform Step 3? The Fortidocuments don’t say, either.
Thank you!!