Create New | Create a new SSID. See “To create a new SSID:”. |
Delete | Select to delete the selected SSIDs. See “To delete an SSID or SSIDs:”. |
Import | Select to import SSIDs. See “To import an SSID:”. |
Search | Search the SSIDs by entering a search term in the search field. |
Name | The name given to the SSID. |
SSID | The SSID name that is broadcast. |
Traffic Mode | The traffic mode for the SSID; one of: • Tunnel to Wireless Controller: Data for WLAN passes through the WiFi controller. • Local bridge with FortiAP’s Interface: FortiAP unit Ethernet and WiFi interfaces are bridged. • Mesh Downlink |
Security Mode | The security mode for the SSID; one of: • WPA-Personal: The user must know the pre-shared key value to connect. • WPA-Enterprise: The user must know the user name and password to connect. • Captive Portal: The user connects to the open access point and then must authenticate to use the network. • OPEN |
Data Encryption | The data encryption method for the SSID. |
Maximum Client | The maximum number of clients that can connect to the SSID at one time. |
Name | Enter a name for the SSID. | |
Traffic Mode | Select the traffic mode from the drop-down list. The available options are: Tunnel to Wireless Controller, Local bridge with FortiAP’s Interface, and Mesh Downlink. | |
Common Interface Settings | Select to enable common interface settings. Only available when Traffic Mode is set to Tunnel to Wireless Controller. | |
IP/Netmask | Enter the IP address and network mask. Only available when Traffic Mode is set to Tunnel to Wireless Controller. | |
Administrative Access | Select the allowed administrative service protocols from: HTTPS, HTTP, PING, SSH, Telnet, SNMP, FMG-Access, Auto IPsec Request, and FCT-Access. Only available when Traffic Mode is set to Tunnel to Wireless Controller. | |
Enable DHCP | Select to enable and configure DHCP. Only available when Traffic Mode is set to Tunnel to Wireless Controller. | |
Address Range | Enter the DHCP address range. | |
Netmask | Enter the netmask. | |
Default Gateway | Select Same As Interface IP if the default gateway is the same as the interface IP, or select Specify and enter a new gateway. | |
DNS Server | Select Same As System DNS if the DNS server is the same as the system DNS, or select Specify and enter a DNS server address. | |
MAC Address Access Control List | The MAC address control list allows you to view the MAC addresses and their actions. It includes a default entry for unknown MAC addresses. Select Create New to create a new IP MAC binding. Select an address and then select Edit to edit the default action for unknown MAC addresses or your IP MAC bindings. Select an address or addresses and then select Delete to delete the selected items. The unknown MAC address cannot be deleted. | |
Wireless Settings | ||
SSID | Enter the wireless service set identifier (SSID) or network name for this wireless interface. Users who want to use the wireless network must configure their computers with this network name. | |
Security Mode | Select a security mode. The options are: WEP64, WEP128, WPA/WPA2-PERSONAL, WPA/WPA2-ENTERPRISE, Captive Portal, OPEN, WPA-ONLY-PERSONAL, WAP-ONLY-ENTERPRISE, WPA2-ONLY-PERSONAL, or WPA2-ONLY-ENTERPRISE. Captive Portal is not available if the traffic mode is set to Mesh Downlink. When Traffic Mode is set to Mesh Downlink, the security mode options are: WPA/WPA2-PERSONAL, OPEN, WPA-ONLY-PERSONAL, or WPA2-ONLY-PERSONAL. | |
Key Index | Select 1, 2, 3, or 4 from the drop-down menu. Many wireless clients can configure up to four WEP keys. Select which key clients must use.with this access point. This is available when security is a WEP type. This option is only available when Traffic Mode is set to Tunnel to Wireless Controller or Local bridge with FortiAP’s Interface. | |
Key | Enter 10 Hex digits for the key value. This option is only available when Traffic Mode is set to Tunnel to Wireless Controller or Local bridge with FortiAP’s Interface. | |
Data Encryption | Select the data encryption method. The options are: AES, TKIP, and TKIP-AES. This option is only available when the security mode is set to WPA. | |
Pre-shared Key | Enter the pre-shared key for the SSID. This option is only available when the security mode is set to WPA-Personal. | |
Detect and Identify Devices | Select to enable or disable detect and identify devices. When this setting is configured as enable, you can select to Add New Devices to Vulnerability Scan List. | |
Authentication | Select the authentication method for the SSID, either a RADIUS server or a user group, then select the requisite server or group from the respective drop-down list. This option is only available when the security mode is set to WPA-Enterprise. | |
Customize Portal Messages | Select to allow for customized portal messages. This option is only available when the security mode is set to Captive Portal. | |
User Groups | Select the user groups to add from the Available user group box. Use the arrow buttons to move the desired user groups to the Selected user groups box. This option is only available when the security mode is set to Captive Portal. | |
Block Intra-SSID Traffic | Select to block intra-SSID traffic. This option is only available when Traffic Mode is set to Tunnel to Wireless Controller. | |
Maximum Clients | Select to limit the concurrent WiFi clients that can connect to the SSID. If selected, enter the desired maximum number of clients. Enter 0 for no limit. This option is only available when Traffic Mode is set to Tunnel to Wireless Controller or Local bridge with FortiAP’s Interface. | |
Advanced Options | Configure advanced options for the SSID. | |
broadcast-ssid | Enable broadcast of the SSID. Broadcasting the SSID enables clients to connect to your wireless network without first knowing the SSID. For better security, do not broadcast the SSID. | |
broadcast-suppression | Prevent ARP or DHCP messages being carried to other access points carrying the same SSID. Select DHCP and/or ARP broadcast suppression. | |
dynamic-vlan | Enable dynamic VLAN assignment for users based RADIUS attribute. | |
external-fast-roaming | Enable or disable pre-authentication with external non-managed access points. | |
fast-roaming | Select to enable or disable fast roaming. Enabling fast-roaming enables pre-authentication where supported by clients. | |
gtk-rekey-intv | Set the WPA re-key interval. Some clients may require a longer interval. Range 60 to 864 000 seconds. | |
local-authentication | Enable authentication of clients by the FortiAP unit if the wireless controller is unavailable. This applies only if security is a WPA-Personal mode and local-bridging is enabled. | |
local-switching | Enable or disable bridging of local VAP interfaces. | |
me-disable-thresh | Set the multicast enhancement threshold. Enter the threshold value in the text field. | |
multicast-enhance | Select to enable or disable multicast enhance. | |
portal-message-override-group | Select the portal message override group from the drop-down menu. | |
ptk-rekey-intv | Enter the re-key interval value in the text field. | |
radius-mac-auth | Select to enable or disable RADIUS MAC authentication. | |
radius-mac-auth-server | Select the RADIUS MAC authentication server from the drop-down list. | |
vlan-auto | Select to enable or disable automatic VLAN assignment for authenticated users of this SSID. | |
vlanid | Enter the VLAN ID in the text field. Enter 0 is VLANs are not used. |
Import from device | Select a device from which to import the SSID or SSIDs from the drop-down list. This list will include all the devices available in the ADOM. | |
Virtual Domain | Is applicable, select the virtual domain from which the SSIDs will be imported. | |
Available Objects List | The available objects that can be imported. Select an object or objects and then select the down arrow to move the selected object or objects to the Selected Objects List. | |
Selected Objects List | The objects that are to be imported. To remove an object or objects from the list, select the object or objects and then select the up arrow. The selected items will be moved back to the Available Objects List. | |
New Name | Select to create a new name for the object or objects that are being imported, and then enter the name in the field. |