Okay, I feel the need to write this because I just upgraded from FortiOS 5.4.0 to FortiOS 5.4.1 on my FortiGate 90D-POE, and my FortiAP couldn’t handle it. I actually had to completely reconfigure my FortiGate from scratch, as I lost everything but console access whenever I would attempt to import my configuration. Before we begin: You have two SSID types you can configure I chose “Bridge to FortiAP’s local interface” for my main WiFi network for two reasons: A) This Fortinet doc says “Bridge mode is more efficient than Tunnel mode, as it uses the CAPWAP tunnel for authentication only” B) A post in this Reddit thread suggests that tunneled APs use more system resources than a bridged AP I chose “Tunnel to wireless controller” for my guest network because I want to apply different levels of UTM to guests than I do to my own WiFi traffic, and if I bridge both SSIDs to the FortiAP interface, I can’t apply separate UTM policies.

Will Coquillette

“A graphical representation of data abstracted from the banks of every computer in the human system. Unthinkable complexity. Lines of light ranged in the non-space of the mind, clusters and constellations of data. Like city lights, receding…” - William Gibson

Information Security