New Member

Solved

Which AP to choose

Forum|Forum|9 years ago
February 4, 2017
3 replies
30286 views

Hi,

We want to replace our Fortinet AP FAP221C with something better. We have problems with Apple devices like iPhone and laptops they frequently disconnects from access points. Can someone recommend more reliable Fortinet model?

Thanks,

Aigars

Best answer by MikePruett

You can use whatever AP you want really. FortiAP integrates directly to the Gate which is nice. The 221C is good for most home\business users. If you have a ton of clients (and I mean A TON) you can look at the 320/321 but it is usually too expensive and overkill for home use needs.

wanglei_FTNT

Staff

Hi Algars,

Can you post wireless related config here so we can see whether some parameters can be fine tuned?

Thanks,

apolisAuthor

New Member

Okay:

------------------------------------------------

config wireless-controller wids-profile edit "default-wids-apscan-enabled" set ap-scan enable set wireless-bridge enable set deauth-broadcast enable set null-ssid-probe-resp enable set long-duration-attack enable set invalid-mac-oui enable set weak-wep-iv enable set auth-frame-flood enable set assoc-frame-flood enable set spoofed-deauth enable set asleap-attack enable set eapol-start-flood enable set eapol-logoff-flood enable set eapol-succ-flood enable set eapol-fail-flood enable set eapol-pre-succ-flood enable set eapol-pre-fail-flood enable next edit "default" set comment "default wids profile" set ap-scan enable set wireless-bridge enable set deauth-broadcast enable set null-ssid-probe-resp enable set long-duration-attack enable set invalid-mac-oui enable set weak-wep-iv enable set auth-frame-flood enable set assoc-frame-flood enable set spoofed-deauth enable set asleap-attack enable set eapol-start-flood enable set eapol-logoff-flood enable set eapol-succ-flood enable set eapol-fail-flood enable set eapol-pre-succ-flood enable set eapol-pre-fail-flood enable next end config wireless-controller wtp-profile edit "**********" config platform set type 221C end set ap-country US config radio-1 set band 802.11n-only set powersave-optimize no-11b-rate set auto-power-level enable set auto-power-high 20 set wids-profile "default" set darrp enable set frequency-handoff enable set vap-all disable set vaps "Guest" "TT***" set channel "6" end config radio-2 set band 802.11ac,n-only set short-guard-interval enable set channel-bonding 80MHz set auto-power-level enable set auto-power-high 18 set auto-power-low 7 set darrp enable set frequency-handoff enable set vap-all disable set vaps "TT****" "TT2*****" set channel "108" end next edit "TennantWifi" set ap-country US config radio-1 set band 802.11n-5G set channel-bonding 40MHz set vap-all disable set vaps "TT***" "TT2*****" set channel "36" "40" "44" "48" "149" "153" "157" "161" end config radio-2 set band 802.11n,g-only set vap-all disable set vaps "Guest" "TennantWifi" "TT****" "TT2*****" set channel "1" "6" "11" end next edit "Kitchen" config platform set type 221C end set ap-country US config radio-1 set band 802.11n-only set auto-power-level enable set wids-profile "default" set darrp enable set frequency-handoff enable set vap-all disable set vaps "Guest" "TT****" set channel "6" end config radio-2 set band 802.11ac,n-only set short-guard-interval enable set channel-bonding 40MHz set frequency-handoff enable set vap-all disable set vaps "TT****" "TT2*****" set channel "36" end next edit "Brrrrrr corner" config platform set type 221C end set ap-country US config radio-1 set band 802.11n-only set power-level 80 set wids-profile "default" set darrp enable set frequency-handoff enable set vap-all disable set vaps "Guest" "TT****" end config radio-2 set band 802.11ac,n-only set short-guard-interval enable set channel-bonding 40MHz set frequency-handoff enable set vap-all disable set vaps "TT****Sawyer" "TT****" set channel "44" end next edit "Finance corner" config platform set type 221C end set ap-country US config radio-1 set band 802.11n-only set power-level 82 set wids-profile "default" set darrp enable set frequency-handoff enable set vap-all disable set vaps "Guest" "TT****" end config radio-2 set band 802.11ac,n-only set short-guard-interval enable set channel-bonding 40MHz set frequency-handoff enable set vap-all disable set vaps "TT****" "TT****" set channel "60" end next end config wireless-controller wtp edit "FP221C3X14018643" set wtp-profile "Finance corner" config radio-1 end config radio-2 end next edit "FP221C3X14018541" set wtp-profile "Brrrrrr corner" config radio-1 end config radio-2 end next edit "FP221C3X14019457" set location "Kitchen" set wtp-profile "Kitchen" config radio-1 end config radio-2 end next end

MikePruett

New Member

I loved my 321C that I had deployed at my house. Pushed 50 or so of them to a university client as well and they have nothing but great things to say.

Toshi_Esumi

SuperUser

We have 221B and 221C in our office. One Macbook Air user keeps complaining frequent drops. But I haven't gotten any complaint so far from iPhone users yet.

The Macbook Air is regularly connected to 5GHz radio on 221C, while two more Win laptops are connected to the same radio with the same SSID, which never experienced the problem the Macbook user is experiencing.

I researched on Google and found similar symptoms but all seem to be related to Mac OS X side.

For the recommendation, I don't have anything else tested. But if you can afford I would recommend 3x3 MIMO models for better "air" performance.

apolisAuthor

New Member

How good are Aruba and Rokus working with Apple hardware?

wanglei_FTNT

Staff

Some general suggestions based on config

1) if WIDS is a function you need, you can consider to have some dedicated radios with mode set to monitor to do that. When radio is put into access point mode with WIDS enabled, it does off-channel scan while it serves client

2) if DFS channel is used, you can consider to add a couple of more channels in the available channel list just in case there is radar signal in that area which AP has to wait until it can use that channel. During that time, there might be a coverage hole

3) When DARRP is enabled on AP and it decides to change channel, AP will send a standard channel switch announcement frame to let clients know. Some apple clients don't take that well. The symptom could be the wireless icon showing connected/greyed out. To workaround the issue, you can use fixed channels as you did for some of your APs or enable DARRP with an off-hour schedule

4) not sure about your VAP config. If you by any chance use enterprise mode, please disable gtk/ptk rekey or set it to a longer duration. Some clients don't work well with that either.

If you still have issues after considering above, I suggest open a support ticket with Fortinet TAC who can help take a further look at your particular deployment such as network topology/radio environment/broadcast-multicast traffic volume etc.

Thanks

lamtiman

New Member

Hi all,

I'm using a Fortigate 90E and I need to know which FortiAP can I use to setup a WI FI network ?

Thanks,

MikePruettAnswer

New Member

You can use whatever AP you want really. FortiAP integrates directly to the Gate which is nice. The 221C is good for most home\business users. If you have a ton of clients (and I mean A TON) you can look at the 320/321 but it is usually too expensive and overkill for home use needs.

lamtiman

New Member

Thank you for your answer.

I think that the AP221C is the best choice. I only have 50/60 clients

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded