To create a new SSID (Tunnel to wireless controller):
- From the SSIDs page, select Create New in the toolbar. The New SSID window opens.
New SSID
Enter the following information:
| Name | Type a name for the SSID. | |
| Traffic Mode | Select Tunnel to Wireless Controller from the drop-down list. |
| Common Interface Settings | Select to enable common interface settings. |
| IP/Netmask | Type the IP address and network mask. |
| IPv6 Address | Type the IPv6 address. |
| Administrative Access | Select the allowed administrative service protocols from: HTTPS, HTTP, PING, FMG-Access, SSH, SNMP, TELNET, Auto IPsec Request, and FCT-Access. |
| IPv6 Administrative Access | Select the allowed administrative service protocols from: HTTPS, HTTP, PING, FMG-Access, SSH, SNMP, TELNET, CAPWAP. |
| Enable DHCP | Select to enable and configure DHCP.
This settings is only available when Traffic Mode is set to Tunnel to Wireless Controller. |
| Address Range | Type the DHCP address range. |
| Netmask | Type the netmask. |
| Default Gateway | Select Same As Interface IP if the default gateway is the same as the interface IP, or select Specify and type a new gateway IP address. |
| DNS Server | Select Same As System DNS if the DNS server is the same as the system DNS, or select Specify and type a DNS server address. |
| MAC Address Access Control
List |
The MAC address control list allows you to view the MAC addresses and their actions. It includes a default entry for unknown MAC addresses.
l Select Create New to create a new IP MAC binding. l Select an address and then select Edit to edit the default action for unknown MAC addresses or your IP MAC bindings. l Select an address or addresses and then select Delete to delete the selected items. The unknown MAC address cannot be deleted. |
| WiFi Settings | |
| SSID | Type the wireless service set identifier (SSID) or network name for this wireless interface. Users who want to use the wireless network must configure their computers with this network name. |
| Security Mode | Select a security mode. The options are: WEP64, WEP128,
WPA/WPA2-PERSONAL, WPA/WPA2-ENTERPRISE, Captive Portal, OPEN, WPA-ONLY-PERSONAL, WAP-ONLYENTERPRISE, WPA2-ONLY-PERSONAL, orWPA2-ONLYENTERPRISE. |
| Key Index | Select 1, 2, 3, or 4 from the drop-down menu.
Many wireless clients can configure up to four WEP keys. Select which key clients must use.with this access point. This is available when security is a WEP type. |
| Key | Type 10 Hex digits for the key value. |
| Data Encryption | Select the data encryption method. The options are: AES, TKIP, and TKIP-AES.
This option is only available when the security mode is set to WPA. |
| Pre-shared Key | Type the pre-shared key for the SSID.
This option is only available when the security mode is set to WPA-Personal. |
| Detect and Identify Devices | Select to enable or disable detect and identify devices. When this setting is configured as enable, you can select to Add New Devices to Vulnerability Scan List. |
| Authentication | Select the authentication method for the SSID, either a RADIUS server or a user group, then select the requisite server or group from the respective drop-down list.
This option is only available when the security mode is set to WPAEnterprise. |
| Customize Portal Messages | Select to allow for customized portal messages.
This option is only available when the security mode is set to Captive Portal. |
| User Groups | Select the user groups to add from the Available user group box. Use the arrow buttons to move the desired user groups to the Selected user groups box.
This option is only available when the security mode is set to Captive Portal. |
| Block Intra-SSID Traffic | Select to block intra-SSID traffic. |
| Split Tunneling | Select to enable split tunneling. |
| Maximum Clients | Select to limit the concurrent WiFi clients that can connect to the SSID. If selected, type the desired maximum number of clients. Type 0 for no limit. |
| Optional VLAN ID | Select the VLAN ID in the text field using the arrow keys. Select 0 if VLANs are not used. |
| Detect and Identify Devices | Select to detect and identify devices connecting to the SSID. |
| Add New Devices to Vulnerability Scan List | Select to add new devices to the vulnerability scan list.
This options is only available when Detect and Identify Devices is enabled. |
- Select OK to create the SSID.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!