Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Admin Guide (FGT-Managed)

    Home FortiExtender 7.2.0 Admin Guide (FGT-Managed)
    7.2.0
    7.6.0
    7.4.4
    7.4.1
    7.4.0
    7.2.5
    7.2.0
    7.0.3
    7.0.2
    7.0.1

    CAPWAP on multiple ports for broadcast discovery

    CAPWAP on multiple ports for broadcast discovery

    Starting from Version 4.2.1, FortiExtender is able to discover FortiGate on multiple interfaces. It achieves this by sending discovery messages on multiple ports (port1, port2, port3, and port4), one at a time, until it has successfully connected with a FortiGate.

    config system management fortigate

    set ac-discovery-type broadcast

    set ac-ctl-port 5246

    set ac-data-port 25246

    set discovery-intf lan port4

    set ingress-intf

    end

    By default, FortiExtender starts the discovery process with the LAN ports (port1 through port3) first. If it fails to establish a connection after several attempts, it will move on to port4. If it fails on port4, it will go back to the LAN ports and start the process all over again.

    A LAN interface has a static IP of 192.168.200.99 and a DHCP server IP of 192.168.200.110 — 192.168.200.210. We recommend connecting to the WAN port on FortiGate for ZTP.

    The port4 interface is set for DHCP mode, and must be connected to the internal port on the FortiGate to obtain an IP address for the CAPWAP tunnel, which is the same as in previous versions.

    Previous
    Next

    CAPWAP on multiple ports for broadcast discovery

    CAPWAP on multiple ports for broadcast discovery

    Starting from Version 4.2.1, FortiExtender is able to discover FortiGate on multiple interfaces. It achieves this by sending discovery messages on multiple ports (port1, port2, port3, and port4), one at a time, until it has successfully connected with a FortiGate.

    config system management fortigate

    set ac-discovery-type broadcast

    set ac-ctl-port 5246

    set ac-data-port 25246

    set discovery-intf lan port4

    set ingress-intf

    end

    By default, FortiExtender starts the discovery process with the LAN ports (port1 through port3) first. If it fails to establish a connection after several attempts, it will move on to port4. If it fails on port4, it will go back to the LAN ports and start the process all over again.

    A LAN interface has a static IP of 192.168.200.99 and a DHCP server IP of 192.168.200.110 — 192.168.200.210. We recommend connecting to the WAN port on FortiGate for ZTP.

    The port4 interface is set for DHCP mode, and must be connected to the internal port on the FortiGate to obtain an IP address for the CAPWAP tunnel, which is the same as in previous versions.

    Previous
    Next