Fortinet Fortiwifi 60D wired+wlan same subnet

[remixedcat]

Is there a way to make the wired network share the same IP range as the wired without redoing ALL the interfaces and clearing ALL DHCP and ALL policies?

I want the wired and the wireless to BOTH have 192.168.3.xxx range.

CLI or GUI options I'm comfy with.

 

[Nicklebon]

Not sure it can be done but for certain not without wiping the policies.

That said why would any sane person ever want to do it? It is a horrible idea.

 

[remixedcat]

How is it a bad idea?? Everyone has different network needs...

 

[Nicklebon]

It's a bad idea because wireless tend to be mobile and therefore exposed to more attack vectors than none mobile wired devices. It also a bad idea as many wireless devices can be dual homed to cellular networks while connected to your wifi network.

What is it you're actually trying to acomplish that would make you want to do such a thing?

Again I'm not sure your device can it but look into creating a soft switch with the wifi interface and whatever other interfaces you wish to add as members.

You will absolutely have to redo policies and dhcp. Since you would be in effect creating a new interface on which to apply a policy.

 

[remixedcat]

Well the people on the laptops want to access resources on wired servers and also some deployment software and monitoring software require to be on the sane subnet. Guests are typically handled by VLANs and I don't know why fortinet decides to assume everyone wants to separate by default...

 

[Nicklebon]

Well the people on the laptops want to access resources on wired servers and also some deployment software and monitoring software require to be on the sane subnet. Guests are typically handled by VLANs and I don't know why fortinet decides to assume everyone wants to separate by default...

Access to resources is accomplished by routing and policy.

What kind of low rent management software are you using that would require the same all devices be on the same subnet? I've used a lot bad management software over the years but a limitation of only working on a single network is unacceptable for any business software.

As for why fortinet would assume logical separation ... For the same reason the default rule is drop. As a security device that's exactly what it should do.

 

[Nicklebon]

btw a quick google search resulted in this:

http://docs-legacy.fortinet.com/cb/...ireless/wireless-bridging-WiFi-and-wired.html

Looks like you can use a soft switch to do what you want.

 

[remixedcat]

This is not on my network so I don't know what software they are using...