FortiWLC – VLAN Pooling

VLAN Pooling

To reduce large broadcast domains or the risk of running out of address space, you can now enable VLAN pooling in an ESS profile.

VLAN pooling essentially allows administrators to create a named alias using a subset of VLANs, thereby creating a pool of addresses. With a VLAN pool enabled, you can associate a client/device to a specific VLAN. This allows you to manage your network effectively by monitoring the appropriate or specific VLAN pools.

Features
  • You can associate up to 16 VLANs to a pool.
  • You can create a maximum of 64 VLAN Pools.
  • You can specify the maximum number of clients that can be associated to a VLAN.
  • The client/device behaviour does not change after it is associated to a VLAN in a pool. If a VLAN is removed from a VLAN pool, clients/devices connected to the VLAN will continue to be associated to the VLAN. However, if the clients disconnect and reconnect, the VLAN will change.


Configuration
Using WebUI
Using CLI
  1. Configure VLAN

     default(config)# vlan vlan10 tag 10
     default(config-vlan)# ip address 10.0.0.222 255.255.255.0
     default(config-vlan)# ip default-gateway 10.0.0.1
     default(config-vlan)# exit
     default(config)# exit
     default# sh vlan vlan10

     VLAN Configuration

     VLAN Name                             : vlan10
     Tag                                   : 10
     Ethernet Interface Index              : 1
     IP Address                            : 10.0.0.222
     Netmask                               : 255.255.255.0
     IP Address of the Default Gateway     : 10.0.0.1
     Override Default DHCP Server Flag     : off
     DHCP Server IP Address                : 0.0.0.0
     DHCP Relay Pass-Through               : on
     Owner                                 : controller
     Maximum number of clients             : 253

  2. Configure VLAN Pool

     default(config)# vlan-pool vlangroup
     default(config-vpool)# tag-list 10,36
     default(config-vpool)# exit
     default(config)# exit
     default# sh vlan-pool

     VLAN Pool Name           Vlan Pool Tag List
     vlangroup                10,36

     VLAN Pool Configuration(1 entry)
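
The following Python script is an added example, not part of the original guide or Fortinet's tooling. It parses "Key : Value" records in the layout of the sh vlan output above, checks a pool's tag list against the 16-VLAN limit from the Features list, totals the per-VLAN client limits, and reports which pool member's subnet contains a given client address. The function names, the vlan36 record and the client addresses are constructed for illustration, and separating records with a blank line is an assumption.

```python
import ipaddress
import re

MAX_VLANS_PER_POOL = 16  # limit stated in the Features list

# Constructed sample: vlan10 values come from the page, vlan36 is made up, and
# joining two records with a blank line is an assumption about the layout.
SH_VLAN_OUTPUT = """\
VLAN Name                             : vlan10
Tag                                   : 10
IP Address                            : 10.0.0.222
Netmask                               : 255.255.255.0
Maximum number of clients             : 253

VLAN Name                             : vlan36
Tag                                   : 36
IP Address                            : 10.0.36.2
Netmask                               : 255.255.255.0
Maximum number of clients             : 100
"""

def parse_vlans(text):
    """Map tag -> name, subnet and client limit from 'Key : Value' records."""
    vlans = {}
    for record in re.split(r"\n\s*\n", text.strip()):
        pairs = (ln.split(":", 1) for ln in record.splitlines() if ":" in ln)
        f = {k.strip(): v.strip() for k, v in pairs}
        net = ipaddress.ip_interface(f"{f['IP Address']}/{f['Netmask']}").network
        vlans[int(f["Tag"])] = {"name": f["VLAN Name"], "network": net,
                                "max_clients": int(f["Maximum number of clients"])}
    return vlans

def check_pool(tag_list, vlans):
    """Parse a tag-list such as '10,36' and return (tags, problems)."""
    tags = [int(t) for t in tag_list.split(",") if t.strip()]
    problems = []
    if len(tags) > MAX_VLANS_PER_POOL:
        problems.append(f"{len(tags)} VLANs exceeds the limit of {MAX_VLANS_PER_POOL}")
    problems += [f"tag {t} has no VLAN definition" for t in tags if t not in vlans]
    return tags, problems

def pool_capacity(tags, vlans):
    """Sum of the per-VLAN client limits across the defined pool members."""
    return sum(vlans[t]["max_clients"] for t in tags if t in vlans)

def vlans_for_ip(ip, tags, vlans):
    """Names of pool VLANs whose subnet contains ip; empty means no member matches."""
    addr = ipaddress.ip_address(ip)
    return [vlans[t]["name"] for t in tags if t in vlans and addr in vlans[t]["network"]]
```

An empty result from vlans_for_ip means the address belongs to none of the pool's subnets, which is worth checking before changing the tag list of a live pool.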

 



About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

One thought on “FortiWLC – VLAN Pooling”

  1. Dan Parr

    Hello There, I was wondering if you have run into any issues with IP Prefix Validation when using vlan Pools for your tunnel interface on an ESS Profile. We are seeing strange behavior where in the station logs we see long client connection times and repeated errors similar to the following:
    IP discovery fails due to prefix mismatch Allowed Range : IP PREFIX = 10.120.208.0with NETMASK = 255.255.248.0 on AP vlan20 interface.
    The VLAN Pool we are using contains vlans 18,20,21. The discovered IP is valid for vlan18 but it is failing validation against the range for vlan20.
    We are running code version 8.4.2.
    Currently working with Fortinet Support, but would appreciate any feedback.
