Configuring a WiFi LAN

When working with a FortiGate WiFi controller, you can configure your wireless network before you install any access points. If you are working with a standalone FortiWiFi unit, the access point hardware is already present but the configuration is quite similar. Both are covered in this section.

Overview of WiFi controller configuration

Setting your geographic location

Creating a FortiAP profile

Defining a wireless network interface (SSID)

Defining SSID groups

Dynamic user VLAN assignment

Configuring user authentication

Configuring firewall policies for the SSID

Configuring the built-in access point on a FortiWiFi unit

Enforcing UTM policies on a local bridge SSID for managed smart APs

On FortiGate model 30D, web-based manager configuration of the WiFi controller is disabled by default. To enable it, enter the following CLI commands:

config system global

set gui-wireless-controller enable end

The WiFi Controller and Switch Controller are enabled through the Feature Store (under System > Feature Select). However, they are separately enabled and configured to display in the GUI via the CLI.

To enable both WiFi and Switch controllers, enter the following:

config system global set wireless-controller enable set switch-controller enable

end

To enable the GUI display for both controllers, have also been separated:

config system settings set gui-wireless-controller enable set gui-switch-controller enable end

If you want to connect and authorize external APs, such as FortiAP units, see the next chapter, Access point deployment.