Configuring Wireless LAN Security
In Wireless LAN System, Layer 2 and Layer 3 security options are enforced by creating Security Profiles that are assigned to an ESSID. As such, they can be tailored to the services and the structure (virtual Port, Virtual Cell, etc.) offered by the ESSID and propagated to the associated APs. Security profiles for a controller can also be configured from E(z)RF Network Manager. You can tell where a profile was configured by checking the read-only field Owner. The Owner is either E(z)RF or controller. The general security configuration tasks are as follows:
- Create VLANs to keep the client traffic in each SSID secure and separate from clients in other SSIDs. See the chapter
- Set up the Certificate Server or RADIUS server configuration (see the RADIUS server documentation for instructions).
- Configure Security Profiles based on the type of security required (continue with the following sections).
- Configure one or more ESSIDs (see the chapter Configuring an ESS for directions) and assign the VLAN and Security Profile to them.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!