WiFi network with external DHCP service

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

In this example, you use an external DHCP server to assign IP addresses to your WiFi clients.

The DHCP server assigns IP addresses in the range of 10.10.12.100 to 10.10.12.200. The server is attached to Port 13 of the FortiGate and has an IP address of 10.10.13.254.

1. Configure the FortiGate network interface for the DHCP server

Go to System > Network > Interfaces and edit Port13.

The external DHCP server is on the 10.10.13.0 network, so put the interface on that network.

2. Create the SSID

Go to WiFi Controller > WiFi Network > SSID and configure your wireless network.

The DHCP server assigns IP addresses on the 10.10.12.0 network, so configure the SSID address on this network.

Enable DHCP Server, then expand Advanced and change the mode to Relay. Enter the external DHCP server IP address.

Set up security and authentication for your SSID.

In this case, WPA2 Enterprise authentication allows access only to members of the employees user group.

3. Create the security policies

Create a policy to allow the WiFi network to communicate with the DHCP Server on Port 13.

The source and destination networks are directly visible to each other, so NAT is not required.

Create a policy to allow WiFi clients to connect to the Internet on wan1.

4. Connect and authorize the FortiAP unit

Configure the network interface where the FortiAP will be connected.

Go to WiFi Controller > Managed Access Points > Managed FortiAPs. The FortiAP is listed, with a yellow question mark beside it because the device is not authorized.

Highlight the FortiAP unit on the list and select Authorize. A grey checkmark is now shown beside the FortiAP, showing that it is authorized but not yet online.

Go to WiFi Controller > WiFi Network > FortiAP Profiles and edit the profile, adding your SSID to each radio.

Results

WiFi devices can connect to the Internet. You can see them in the client monitor (WiFi Controller > Monitor > Client Monitor). Note the IP addresses assigned by the external DHCP server.

For further reading, check out the Deploying Wireless Networks in the FortiOS 5.2 Handbook.

Fortinet Technical Documentation

Fortinet Technical Documentation

Contact Fortinet Technical Documentation at techdoc@fortinet.com.
Fortinet Technical Documentation

Latest posts by Fortinet Technical Documentation (see all)

  • Was this helpful?
  • Yes   No
The FortiAP may not appear until a few minutes have passed.