NTPC ip
- 172.18.0.0/16
- 163.20.0.0/16
- 163.20.1.82 kms.ntpc.edu.tw
- 203.72.0.0/16
Fortigate
- ECMP
- I have two interface as wan. One is TANet NTPC(100M/100M) the other is HiNet ADSL(50M/5M). Testing the best load balance setting now.
- Port5 NTPC(Administrative Distance set to 10 in Static Route, and add a static route which makes Port5 as default gateway; Port10 ADSL(Distance 10)
- Static Route -> setting -> ECMP , set port5 100 and port10 200, and I'm NOT YET KNOWE the best balue, trying now.
- keep an eye on Routing Monitor, it helps a lot. You'll see two default route(0.0.0.0/0) there, they have the same distance.
- Soft phone in Forti SSID(ippbx)
- don't use tunnel mode, must be "Local bridge with FortiAP's Interface" mode.
- bridge to local lan, assign a vlan id according to local switch setting.
- additional access control, using "Winoc" as Radius mac auth server, Winoc is provided by NTPC(seeting in User & Device->Authentication->RADIUS Servers)
- Security mode set to open in CLI
- # config wireless-controller vap
- (vap) # edit ippbx
- (ippbx) # set security open
- (ippbx) # set radius-mac-auth-auth enable
- (ippbx) # set radius-mac-auth-auth-server "Winoc"