Fortigate

Following on from a previous post on how to setup a VLAN on a Fortigate hardware switch, this post is going to explain how we can link an AP-bridge SSID to a hardware switch and VLAN. For the most part, the only reference material you will need to complete this configuration can be found here: https://docs.fortinet.com/document/fortiap/6.4.0/fortiwifi-and-fortiap-cookbook/252439/configuring-the-fortigate-interface-to-manage-fortiap-units. However, if you have been working with Fortigates and by extension FortiOS for quite some time, you may be wonder where the CAPWAP option vanished to?...

In this post, we are going to discuss how to add a VLAN to a hardware (sometimes referred to as physical) switch or interface on a Fortigate. It is worth noting that I actually do my testing on a FortiWifi, so I can assure you that this also applies there too. I will be focusing on the configuration which is relevant to FortiOS v6.0 and above, so your millage vary between versions....

A short and sweet problem/resolution. If you are looking to enable subnet overlapping on a Fortigate so that you can give multiple interfaces an IP in the same subnet, this is the post for you. NOTE: This feature can only be enabled in the Fortigate’s CLI. To enable the overlapping feature, enter the following commands: config system settings set allow-subnet-overlap [enable/disable] end What is subnet overlapping? Subnet overlapping is disabled by default in fortiOS and for good reason; if you misuse subnet overlapping it can cause massive routing issues for your clients and their traffic....

If you are unfortunate enough to have to deal with double NAT on your gateway then you might know the troubles surrounding portforwarding or VIPs. Here is a quick how to guide for setting up a port forward on a Forgate where double NAT is inplace. Case Study – Plex port forward Plex is a great tool for managing your personal media collection and it gets even better when you enable a port forward to let you access this collection from anywhere in the world....