FortiAP behind Cisco Switch

I have a 300,000 square foot warehouse.

In the MDF, I have a FortiGate F60E, a FortiSwitch 148FPOE.

One IDF at the far end of the Warehouse is connected via Fiber with a FortiSwitch 124FPOE back to the FortiSwitch 148FPOE. Access points on both FortiSwitches work great.

The 2nd IDF is connected via copper to a Cisco SG300-28 port POE switch.

The FortiAPs obtain an IP address and connect to FortiAP Cloud. I can see them, they show as on-line. I can ping them across the network and log into them via HTTPS. However, no clients can obtain an IP address from any of the SSID's. Each SSID is configured for a different VLAN via FortiCloud. I can connect my laptop to the switch, it works fine.

If I connect a dumb unmanaged switch and power up one of the access points with a PoE injector the SSID's hand out IPs and the devices can hit all necessary resources.

On the Cisco SG300 switch, I have reset to defaults and disabled: LLDP, CDP and Smartport.