I'm setting up a test environment for feasibility testing before deployment, and have the following configuration:

FortiGate 60F > DHCP scope 10.50.1.x on port 1, DHCP scope 192.168.80.x on port 2
 

TL-SG3428MP > port 1 connected to FortiGate port 1, port 2 connected to FortiGate port 2

Ruckus R710 in "Unleashed", connected to port 23 on the TP-Link switch

Tagged port 1, untagged 3-20, tagged port 21-24 as VLAN 1400 for "internal" traffic

Tagged port 2, 21-24 as VLAN 1500 for "guest" traffic

Enabled DHCP L2 relay for VLANs 1400 and 1500, with the gateway IPs

I've managed to get DHCP working from the FortiGate to the TP-Link - system connected on port 3 gets DHCP, and can talk to everything on the network, also confirmed the Ruckus is getting two IP addresses from the FortiGate.

I configured two wifi networks on the Ruckus, with the VLANs for each.

When I connect to either wifi network, it shows the client but never receives an IP address to complete the connection.

Is my failure at the FortiGate side, not knowing what the VLAN is requesting (which I thought the relay would resolve), configuration of the switch (I'm used to tagging/untagging on Brocade switches, and PVID is really not making sense), or the Ruckus side (which I can open a support ticket)?

Thanks in advance!