Fortinet black logo

SD-WAN Architecture for Enterprise

Important terms for FortiAP

7.0.0
Copy Link
Copy Doc ID 7030e0d2-4287-11ec-bdf2-fa163e15d75b:749605
Download PDF

Important terms for FortiAP

The following terms are important to understand FortiAP:

  • FortiAP is the hardware used to aggregate the wireless connections on the LAN edge, providing different access modes, radio configuration capabilities, and all the current cutting-edge WiFi enhancements (depending on the model.)
  • FortiAP firmware is the operating system, CLI, and control system of FortiAP.
  • Tunnel mode is the default mode for a FortiAP. A FortiAP in tunnel mode uses a wireless-only subnet for wireless traffic and transports the traffic from the AP to the FortiGate in an encapsulated way.
  • Bridge mode When a FortiAP is in Bridge mode, the Ethernet and WiFi interfaces are connected (or bridged), allowing wired and wireless networks to be on the same subnet. In essence, the WiFi traffic will be mapped with one or multiple VLANs on the FortiSwitches.
  • Segmentation or SSID can easily be applied as the capability to create multiple VLANs and SSIDs. An SSID is a WiFi LAN identifier to separate different network segments, achieving a better network design and minimizing the spread of potential breaches at Layer 2. Each SSID can be used in Tunneled or Bridge mode. FortiSwitch VLANs can be automatically populated in this case by using the embedded NAC to activate the port with the correct settings.

Important terms for FortiAP

The following terms are important to understand FortiAP:

  • FortiAP is the hardware used to aggregate the wireless connections on the LAN edge, providing different access modes, radio configuration capabilities, and all the current cutting-edge WiFi enhancements (depending on the model.)
  • FortiAP firmware is the operating system, CLI, and control system of FortiAP.
  • Tunnel mode is the default mode for a FortiAP. A FortiAP in tunnel mode uses a wireless-only subnet for wireless traffic and transports the traffic from the AP to the FortiGate in an encapsulated way.
  • Bridge mode When a FortiAP is in Bridge mode, the Ethernet and WiFi interfaces are connected (or bridged), allowing wired and wireless networks to be on the same subnet. In essence, the WiFi traffic will be mapped with one or multiple VLANs on the FortiSwitches.
  • Segmentation or SSID can easily be applied as the capability to create multiple VLANs and SSIDs. An SSID is a WiFi LAN identifier to separate different network segments, achieving a better network design and minimizing the spread of potential breaches at Layer 2. Each SSID can be used in Tunneled or Bridge mode. FortiSwitch VLANs can be automatically populated in this case by using the embedded NAC to activate the port with the correct settings.