Using a FortiWiFi unit as a client
A FortiWiFi operates by default as a wireless access point. But a FortiWiFi can also operate as a wireless client, connecting the FortiGate to another wireless network.
Use of client mode
In client mode, the FortiWiFi unit connects to a remote WiFi access point to access other networks or the Internet. This is most useful when the FortiWiFi unit is in a location that does not have a wired infrastructure.
For example, in a warehouse where shipping and receiving are on opposite sides of the building, running cables might not be an option due to the warehouse environment. The FortiWiFi unit can support wired users using its Ethernet ports and can connect to another access point wirelessly as a client. This connects the wired users to the network using the 802.11 WiFi standard as a backbone.
Note that in client mode the FortiWiFi unit cannot operate as an AP. WiFi clients cannot see or connect to the FortiWifi unit in Client mode.
Configuring client mode
To set up the FortiAP unit as a WiFi client, you must use the CLI. Before you do this, be sure to remove any AP WiFi configurations such as SSIDs, DHCP servers, policies, and so on.
To configure wireless client mode
- Change the WiFi mode to client.
In the CLI, enter the following commands:
config system global set wireless-mode client
end
Incoming Interface (srcintf) | wifi |
Source Address (srcaddr) | all |
Outgoing Interface (dstintf) | port1 |
Destination Address (dstaddr) | all |
Schedule | always |
Service | ALL |
Action | ACCEPT |
Enable NAT | Selected |
Respond “y” when asked if you want to continue. The FortiWiFi unit will reboot.
- Configure the WiFi interface settings.
For example, to configure the client for WPA-Personal authentication on the our_wifi SSID with passphrase justforus, enter the following in the CLI:
config system interface edit wifi set mode dhcp config wifi-networks edit 0 set wifi-ssid our_wifi set wifi-security wpa-personal set wifi-passphrase “justforus”
end
end
The WiFi interface client_wifi will receive an IP address using DHCP.
- Configure a wifi to port1 policy.
You can use either CLI or web-based manager to do this. The important settings are:
Controlled AP selection support in FWF client mode
Use the following CLI commands to provide a more controlled AP selection method (supported in FortiWiFi client mode).
Syntax
config system interface edit {name} set wifi-ap-band {any | 5g-preferred | 5g-only}
next end
I have de-mothballed an old FWF-40C and I FEEL like I have it configured correctly for client mode on the wifi, but it doesn’t seem to want to pick up an address from DHCP. I have re-entered the SSID, security and PSK several times. I also BELIEVE that I have the policies configured properly for it. Any guidance? And debug commands to see what might be happening?