LAN edge

LAN edge

The LAN chapter explains how to create and use the following key components:

FortiGate	Interfaces:	Use:
	porta	FortiLink
	Firewall policies:	Use:
	Branch LAN to HQ	From the Branch subnet to HQ subnets
	HQ to Branch LAN	Inverse of the above rule
	Branch business to internet	Branch business destined for Internet resources
	Branch guest to internet	Branch guest internet access
FortiSwitch	Interfaces:	Use:
	port1	Voice
	port2	Security_Camera
	port3	Guest (wireless)
	port4	Staff (wireless)
	port5	Point of sale
	port8	FortiLink
	VLANs:	Use:
	VLAN 10	AP VLAN
	VLAN 100	Point of sale
	VLAN 200	Security_Camera
	VLAN 300	Guest (wireless)
	VLAN 400	Staff (wireless)
	VLAN 500	Voice
FortiAP	SSID:	Use:
	ACME Staff	Corporate wireless
	ACME Guest	Internet-only wireless

Following is an overview of how to configure the WAN edge:

Configure FortiSwitch. See FortiSwitch.
Configure FortiAP. See FortiAP.
Configure firewall policies for security. See Security.

LAN edge

The LAN chapter explains how to create and use the following key components:

FortiGate

Interfaces:

Use:

porta

FortiLink

Firewall policies:

Use:

Branch LAN to HQ

From the Branch subnet to HQ subnets

HQ to Branch LAN

Inverse of the above rule

Branch business to internet

Branch business destined for Internet resources

Branch guest to internet

Branch guest internet access

FortiSwitch

Interfaces:

Use:

port1

Voice

port2

Security_Camera

port3

Guest (wireless)

port4

Staff (wireless)

port5

Point of sale

port8

FortiLink

VLANs:

Use:

VLAN 10

AP VLAN

VLAN 100

Point of sale

VLAN 200

Security_Camera

VLAN 300

Guest (wireless)

VLAN 400

Staff (wireless)

VLAN 500

Voice

FortiAP

SSID:

Use:

ACME Staff

Corporate wireless

ACME Guest

Internet-only wireless

Following is an overview of how to configure the WAN edge:

Configure FortiSwitch. See FortiSwitch.

Configure FortiAP. See FortiAP.

Configure firewall policies for security. See Security.

SD-WAN / SD-Branch Deployment Guide

LAN edge

LAN edge