Configuring Management Interfaces
The Management Interfaces table (Configuration > Devices > System Settings > Management Interfaces) allows the user to control how traffic is sent from the controller to the wireless network. Refer to the following sections for each tab in the table.
Physical Interfaces
The Physical Interfaces table is where the user may configure the IP information for the physical Ethernet ports on the controller. The number of ports that may be configured will vary depending on the controller model purchased.
Add a Physical Interface
To configure a new physical interface, follow the steps below:
- From the Physical Interfaces table, click Add. The Management Interface-Add window appears.
Configuring Management Interfaces
Figure 39: Adding a Physical Interface
- Add in the required data as described in the table below.
| Field | Description |
| Interface Number | The number for the desired interface. |
| Assignment Type | Specifies whether the interface utilizes a Static or Dynamic IP address. |
| IP Address | If using a static IP, enter the IP address to be used by the interface. |
| NetMask | If using a static IP, enter the NetMask for the interface. |
| Gateway Address | If using a static IP, enter the gateway address for the interface. |
| Interface Mode | Specify whether the interface will be a active redundant. |
- Click Save to save the interface. Note that the controller must be rebooted in order to apply the changes.
VLAN Interfaces
VLAN Interfaces allow the user to specify VLANs that are to be used specifically for Management traffic on the network. This traffic includes:
- Communications between the controller and APs or controller to controller Access to the WebUI or CLI
Configuring Management Interfaces
- SNMP traffic
- Communications to the Network Management server and any additional Fortinet applications (SAM, Spectrum Manager, etc)
- Syslog messages
- Authentication server traffic (RADIUS, TACACS+, etc)
- NTP communications
Using this functionality, users can isolate management traffic from the rest of the network and route it specifically to the devices for which it is intended. Follow the steps in the section below to create a VLAN interface.
Add a Management VLAN Interface
- From the VLAN Interfaces table, click Add. The Management Interface-Add window appears.
Figure 40: Adding a VLAN Interface
- Add in the required data as described in the table below.
| Field | Description |
| VLAN Name | Enter a name for the VLAN. |
| Interface Number | The physical interface number to be used.
Note: Management VLANs must utilize Interface number 1, so this field cannot be modified. |
| Tag | Enter a tag for the VLAN. |
Configuring Management Interfaces
| Field | Description |
| IP Address | Enter the IP address to be used by the VLAN. |
| NetMask | Enter the NetMask for the VLAN. |
| Default Gateway | Enter the gateway to be used by the VLAN. |
| Assignment Type | Management VLANs can only be implemented on static IP addresses, so this field cannot be changed. |
| Interface Mode | Management VLANs can only operate on Active interfaces, so this field cannot be changed. |
- Click Save to save the VLAN. The new VLAN will appear in the VLAN Interfaces table.
Using Static Routes
Static routes allow the system administrator to manually define the adapters that are permitted access to configured subnets. This is of particular use in smaller deployments where only a few routes are needed, or in larger ones where certain subnets must be kept separate from each other. Static routing can also be advantageous in that it doesn’t require the processing power that dynamic routes (in which the network router automatically determines the best delivery path for packets) can.
To view the static route table, access the WebUI and navigate to Configuration > Devices > System Settings > Management Interfaces > Static Route. Figure 41: Static Route Table
Adding a Static Route
To create a new static route, access the Static Route Table and click Add. The Static Route Configuration – Add screen appears.
Configuring Management Interfaces
Figure 42: Creating a Static Route
Provide the required details as described in the following table.
TABLE 12: Static Route Fields
| Field | Description |
| Static Route Name | Enter a descriptive name for the route. Note that this must be between 1 and 16 characters in length. |
| IP Address/Subnet | Enter the subnet for which the route provides access. This is typically in the xxx.xxx.xxx.0 format, as shown above. |
| Subnet Mask | Enter the subnet mask for the route. This is typically in the 255.255.255.0 format, as shown above. |
| FastEthernet | Use this drop-down to specify which Ethernet adapter will utilize the route. The specified adapter will subsequently gain access to the configured subnet. |
| Interface Name | The name of the interface used for the route. |
| Default Gateway | The default gateway for the route. |
Once the fields are filled in, click OK to save the route. Repeat this process for as many routes as desired.