Skip to main content
mmontes
Staff
mmontes
Staff
September 6, 2017

Troubleshooting Tip: FortiAP troubleshooting

  • September 6, 2017
  • 0 replies
  • 13247 views

Description


When a WIFI issue occurs like disconnections, SSID is not being spread as expected, etc.
Review the FortiAP operation to see if it´s working as expected.
This article describes how to access to the FortiAP from the FortiGate and which commands could be collected directly from the FortiAP to see its current memory-usag, cpu-usage, if there´s a kernel panic, if there´s process crashing, etc.

Scope

 

FortiAP.

 

Solution


When a FortiAP is being controlled by a FortiGate unit, following procedure can be used to access to the FortiAP via telnet session:

  • Connect to the FortiGate via SSH session using PuTTy.
  • Configure this to make a log file (see article in field related articles) and be able to capture the output of the commands described below.
  • If the FortiGate is running FortiOS 5.4, the following procedure is required:

 

config wireless-controller wtp

    edit <FortiAP_serial number>
        set login-enable enable
    end

 

  • If the FortiGate is running FortiOS 5.2, following procedure is required:

 

config wireless-controller wtp
    edit <FortiAP_serial number>
        set override-allowaccess enable
        set allowaccess telnet
end

 

After one of the procedures above is followed into the FortiGate, use the following command to access to the FortiAP via telnet. The user name is usually 'admin' without a password:

 

execute telnet X.X.X.X <----- X.X.X.X is the the FortiAP IP.

 

Once telnet connection to the FortiAP is ready, run and collect the output of the following commands:

 

fap-get-status
cfg -s
cw_diag sys-performance                  <----- Collect it three time with difference of time between each one of 1 min

diag_debug_crashlog read
cw_diag kernel-panic
cw_diag --tlog on
cw_diag -c wtp-cfg
cw_diag -c radio-cfg
cw_diag -c vap-cfg
dmesg

 

Note: For FortiAP 7.0 and above, TELNET can be enabled. See Technical Tip: How to login to FortiAP from the Wireless Controller using telnet.

 

On the FortiGate side the cw_acd process can be restarted as a test using the command: 

 

   execute wireless-controller restart-acd

 

Restarting this process will disconnect all connected FortiAPs. Additional details are available in the article: Technical Tip: How to restart the wireless controller daemon 

 

Related articles:

Technical Tip: How to create a log file of a session using PuTTY

Troubleshooting Tip: Managed FortiAP showing as Offline/Down 

Troubleshooting Tip: FortiAP offline: Complete consolidated troubleshooting & checklist 

 

 

 

 

    Terms & ConditionsAccessibility statement