Technical Tip: FortiAP replacement
Description
This article describes how a replacement FortiAP can clone old FortiAP’s wireless configuration.
Solution
The FortiAP replacement feature has one CLI command: # exe replace-device fortiap <old-SN><new-SN>.
When the command is executed, The new FortiAP can clone the old FortiAP's whole wireless configuration, and the old FortiAPs entry is deleted from FortiGate/FortiWifi.
# execute replace-device fortiap "FP421ETF18-----7" "FP421ETF18-----6
Where 'FP421ETF18-----7' is the old FortiAP serial number and “FP421ETF18-----6' is the new FortiAP serial number.
Note.
Old & new FortiAPs are the same model.
Sample example.
1) From FortiGate/FortiWifi CLI.
FG200E4Q16-----6 # sh wireless-controller wtp
# config wireless-controller wtp
edit "FP421ETF18-----6"
set admin discovered <----- New FortiAP, admin status is discovered ( not be authorized yet).
set wtp-profile "FAP421E-default"
# config radio-1
end
# config radio-2
end
next
edit "FP421ETF18-----7" <----- Old FortiAP.
set admin discovered
set name "ap-5323"
set wtp-profile "FAP421E-default"
set override-led-state enable
set led-state disable
# config radio-1
set override-channel enable
set channel "1" "6" "11"
end
# config radio-2
end
next
end
FG200E4Q16-----6 # execute replace-device fortiap "FP421ETF18-----7" "FP421ETF18-----6" <----- Run command to use new FortiAP to replace old FortiAP.
Old FAP FP421ETF18-----7 is replaced by new FAP FP421ETF18-----6.
FG200E4Q16-----6 # sh wireless-controller wtp
edit "FP421ETF18-----6" <----- New FortiAP has cloned all wireless configurations from old FortiAP.
set admin enable
set name "ap-5323"
set wtp-profile "FAP421E-default"
set override-led-state enable
set led-state disable
# config radio-1
set override-channel enable
set channel "1" "6" "11"
end
# config radio-2
end
next
end
2) From FortiGate/FortiWifi CLI.
FG200E4Q16-----6 # diagnose wireless-controller wlac -c wtp <----- This checks that the old FortiAP entry has been deleted from the daemon, and the new FortiAP entry has been added to the daemon.
-------------------------------WTP 1----------------------------
WTP vd : root
vfid : 0
id : FP421ETF18-----6
mgmt_vlanid : 0
region code : E
regcode status : invalid
refcnt : 3 own(1) wtpprof(1) ws(1)
plain_ctl : disabled
deleted : no
image-dl(wtp,rst): yes,no
admin : enable
cfg-wtp-profile : FAP421E-default
override-profile : enabled
oper-wtp-profile : resv-dflt-FP421ETF18-----6
wtp-mode : normal
bonjour-profile :
wtp-group :
name : ap-5323
location :
led-blink : disabled
led-state : disabled
poe-mode : auto
poe-mode-oper : 8023at
ext-info-enable : disabled
ip-frag-prevent : TCP_MSS
tun-mtu : 0,0
split-tunneling-acl-path : local
split-tunneling-local-ap-subnet : disabled
energy-efficient-ethernet : disabled
active sw ver : FP421E-v6.2-build0277
local IPv4 addr : 1.1.1.2
board mac : 70:4c:a5:95:84:a8
join_time : Thu Apr 30 05:30:27 2020
mesh-uplink : ethernet
mesh hop count : 0
parent wtp id :
connection state : Connected
image download progress: 0
last failure : 0 -- N/A
last failure param:
last failure time: N/A
station info : 0/0
geo : World (0)
LLDP : disabled
SNMP : disabled
Radio 1 : AP
country name : GB
country code : 826
radio_type : 11N
channel list : 1 6 11
darrp : enabled
airtime fairness : disabled
txpower : 100% (calc 31 oper 0 max 31 dBm)
beacon_intv : 100
rts_threshold : 2346
frag_threshold : 2346
ap scan : background scan (regular)
ap scan passive : disabled
bgscan oper : enabled
bgscan period : 600
bgscan intv : 1
bgscan dur : 20
bgscan idle : 0
bgscan rptintv : 30
sensor mode : both
WIDS profile : default
max vaps : 8
base bssid : 70:4c:a5:95:84:b0
oper chan : 0
noise_floor : 0
chutil : disabled
oper chutil time : N/A
oper chutil data : N/A
station info : 0/0
Radio 2 : AP
country name : GB
country code : 826
radio_type : 11AC
channel list : 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 ...
darrp : enabled
airtime fairness : disabled
txpower : 100% (calc 31 oper 50 max 31 dBm)
beacon_intv : 100
rts_threshold : 2346
frag_threshold : 2346
ap scan : background scan (regular)
ap scan passive : disabled
bgscan oper : enabled
bgscan period : 600
bgscan intv : 1
bgscan dur : 20
bgscan idle : 0
bgscan rptintv : 30
sensor mode : both
WIDS profile : default
max vaps : 8
base bssid : 70:4c:a5:95:84:b8
oper chan : 0
noise_floor : 0
chutil : disabled
oper chutil time : N/A
oper chutil data : N/A
station info : 0/0
Radio 3 : Not Exist
WAN/LAN stats : lan2 bytes rx 0 tx 0 packets rx 0 tx 0 dropped rx 0 tx 0
WAN/LAN stats : lan1 bytes rx 188013081 tx 20886843 packets rx 415096 tx 73039 dropped rx 84714 tx 0
uplink status :
lan1 carrier=1, speed=1000, duplex=full
lan2 carrier=0, speed=0, duplex=
-------------------------------Total 1 WTPs----------------------------