I have a unique case. I have an AIO 1930 switch, 5 AP22 APs and 1 AP27 AP and use the cloud portal for configuration and monitoring. This network is sitting behind a FortiGate firewall. I need to configure a special wireless network specific for solar panel arrays to connect to, and then allow access through my firewall for our solar vendor to access these panel arrays. I don't want them to have any other access other than to just the arrays that are connected to a WiFi network, only on the AP27. I was thinking of the following, but don't know how to implement it, and I need help.
My main network is 10.35.0.0/24 on interface 1 (port 1) on the FortiGate, which is connected to Port 24 on my 1930. My 1930 has one wired network called "ESNC" and one wireless network called "ESNC_WiFI" on this IP range. DHCP is handled by the FortiGate. I was thinking to create a new VLAN on my FortiGate called "Solar" and assign it to Port 2 on the FortiGate, with an IP network of 10.35.10.0/24. Then creating a VLAN on the 1930 called "Solar", assigning the AP27 device to that VLAN with a wireless network called "SolarWiFi", connecting the solar arrays to that WiFi network, and connecting the 1930 VLAN to the FortiGate VLAN. Allowing VPN connectivity through my FortiGate to the 10.35.10.0 network only, so that the vendor can VPN in and see only the solar VLAN and the solar arrays. They cannot see ESNC or any other networks or devices on my larger network.
How do I create the necessary VLANs, configure the AP27, etc. to make this all work? Any help or guidance would be greatly appreciated.
------------------------------
John Heimann
------------------------------