Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Solved: How ‘Block intra-SSID traffic’ option on ssid configuration works on bridge mode ssid on FortiGate/FortiAP?

This article describes an overview of how ‘Block intra-Ssid traffic’ option on SSID configuration works on the Bridge Mode Ssid as there is slight variation between tunneled and bridged.

Solution

Tunneled mode:

  • Enabling Block intra-SSID traffic will restrict communication between 2 wireless clients connected on same SSID on FortiAPs.
  • In tunneled mode, the traffic will be completely blocked between 2 wireless clients on same SSID irrespective of the client associated FortiAPs (same FortiAP or different FortiAP).

Bridge mode:

  • The traffic between two wireless clients will be blocked when associated to same FortiAP.
  • The traffic will be allowed when wireless clients are associated to different FortiAP’s (though connected to same SSID).
  • Traffic coming to AP-1 through ethernet from AP-2 associated wireless clients, will be treated as wired traffic, hence will not be blocked.

In Simple, Bridge mode SSID with ‘Block intra-SSID traffic’ option enabled,

Wireless clients connected on Same SSID, Same FortiAP — communication blocked
Wireless clients connected on Same SSID, but different FortiAP — communication allowed (traffic will be considered as wired traffic between clients connected on different FortiAP’s. )This option in cli is available as ‘intra-vap-privacy’ under VAP configuration. Example as below,

# config wireless-controller vap
edit test 

intra-vap-privacy – Enable/disable blocking communication between clients on the same SSID (called intra-SSID privacy) (default = disable).

The post Solved: How ‘Block intra-SSID traffic’ option on ssid configuration works on bridge mode ssid on FortiGate/FortiAP? appeared first on PUPUWEB - Information Resource for Emerging Technology Trends and Cybersecurity.



This post first appeared on PUPUWEB - Information Resource For Emerging Technology Trends And Cybersecurity, please read the originial post: here

Share the post

Solved: How ‘Block intra-SSID traffic’ option on ssid configuration works on bridge mode ssid on FortiGate/FortiAP?

×

Subscribe to Pupuweb - Information Resource For Emerging Technology Trends And Cybersecurity

Get updates delivered right to your inbox!

Thank you for your subscription

×