Configuring a WiFi LAN

DHCP Server

To assign IP addresses to clients, enable DHCP server. You can define IP address ranges for a DHCP server on the FortiGate unit or relay DHCP requests to an external server.

If the unit is in transparent mode, the DHCP server settings will be unavailable. For more information, see Configuring DHCP for WiFi clients on page 835.


Device Detection     Detect connected device type. Enabled by default.

Active Scanning      Enabled by default.

WiFi Settings

SSID                          Enter the SSID. By default, this field contains fortinet.

Security Mode         Select the security mode for the wireless interface. Wireless users must use the same security mode to be able to connect to this wireless interface. Additional security mode options are available in the CLI. For more information, see Configuring security on page 836.

Captive Portal – authenticates users through a customizable web page.

WPA2-Personal – WPA2 is WiFi Protected Access version 2. There is one pre-shared key (password) that all users use.

WPA2-Personal with Captive Portal – The user will need to know the pre-shared key and will also be authenticated through the custom portal.

WPA2-Enterprise – similar to WPA2-Personal, but is best used for enterprise net- works. Each user is separately authenticated by user name and password.

Preshared Key        Available only when Security Mode is WPA2-Personal. Enter the encryption key that the clients must use.

Authentication         Available only when Security Mode is WPA2-Enterprise.

Select one of the following:


RADIUS Server — Select the RADIUS server that will authenticate the clients.

Local – Select the user group(s) that can authenticate.

Portal Type               Available only when Security Mode is Captive Portal. Choose the captive portal type. Authentication is available with or without a usage policy disclaimer notice.



Local – portal hosted on the FortiGate unit

External – enter FQDN or IP address of external portal

User Groups            Select permitted user groups for captive portal authentication.

Exempt List              Select exempt lists whose members will not be subject to captive portal authen- tication.

Customize Portal


Click the listed portal pages to edit them.

Redirect after

Captive Portal

Optionally, select Specific URL and enter a URL for user redirection after captive portal authentication. By default, users are redirected to the URL that they originally requested.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos