When you add an SSID to a FortiAP network, you can assign a generic routing encapsulation (GRE) tunneling or a Layer 2 Tunneling Protocol (L2TP) profile to that SSID. The configured GRE tunnel profile encapsulates data traffic from wireless and wired clients between the FortiAP and a GRE concentrator, for example, a router.
The configured L2TP profile allows Internet Service Providers (ISP) to enable VPN services using an encryption protocol. Traffic is encrypted within the tunnel that is established between the FortiAP and an L2TP access concentrator.
Note: You cannot delete a tunnel profile if it is being used by an SSID.
Complete the Adding a FortiAP network to FortiAP Cloud procedure.
- On the FortiAP Cloud Home page, select the FortiAP network to which you want to add the tunnel profile.
- In the Menu bar, click Configure.
- In the Navigation pane, click tunnel Profile.
- Click Add Tunnel Profile.
- Complete the following fields:
Enter a unique name for the tunnel. The name can be from 1 to 32 characters.
Select GRE or L2TP as the tunnel type.
Tunnel IP address
Enter the IP address of the Wireless Access Gateway (WAG), the tunnel remote end. Only IPv4 address format is supported.
Enter the tunnel port when using L2TP.
Configure the following fields to monitor the tunnel.
Enter the frequency at which ping requests are sent to check the status of the tunnel. The valid range is 1 – 65535 seconds; default is 1 second.
Enter the number of ping requests sent at the configured interval. The valid range is 1 – 65535; default is 5.
Recv pkt timeout
Enter the duration for which the devices wait for the ping response; after this the ping request times out. The valid range is 1 – 65535 seconds; default is 160 seconds.
DHCP Server IP Address
Optionally, enter the DHCP server IP address.
- To complete the addition of the tunnel profile, click Apply.