Description
This article describes that FortiAP-F randomly reboots several times a day and how to resolve it.
Scope
FAP-F version prior to 7.2.2 build 0318.
Solution
It is possible to notice that units are rebooting if the following logs on FortiGate Wifi Event Log are observed:
logid="0104043552" type="event" subtype="wireless" level="notice" vd="root" logdesc="Physical AP leave" sn="FPXXXFTXXXXX"
Along with the following log descriptions:
- AC daemon reset timer expired (Fair Health).
- ECHO req is missing (Fair Health).
- Control message max. re-transmission limit reached (Fair Health).
- Physical FortiAP fails.
And all other expected causes for the entries above have been discarded as per best practices described in the following KB article:
https://community.fortinet.com/t5/FortiAP/Technical-Tip-How-to-interpret-FortiWiFi-or-FortiAP-variou...
There is a reasonable suspicion if along with those verifications, on the FortiAP health menu, connection uptime is fair very recently from suspicious affected FortiAP.
It could be an indicator the FortiAP is affected by one or more known kernel panic issues resolved on our release 7.2.2:
https://docs.fortinet.com/document/fortiap/7.2.2/fortiap-release-notes/929745/resolved-issues
Upgrade the FortiAPs-F to release 7.2.2 regardless of the FortiOS release running on the FortiGate and monitor if those messages stopped appearing on the Wifi Event Log.
If messages like mentioned in this KB article still can be observed or other issues start to happen after the upgrade, contact TAC and provide the following information on a support ticket to start an in-depth investigation.
Download and provide config files, Event Log files for System Events, and Wifi Events filtered from Serial Number, an affected FortiAP, and a FortiGate.
Use putty to gather all diagnose info and share it with us in clear text format:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-log-file-of-a-session-usin...
Provide the output of the following commands on the FortiGate:
# get sys status
# get hardware status
# diag debug crashlog read
# show wireless-controller setting
# show wireless-controller global
# show wireless-controller timmer
# show wireless-controller wtp
# show wireless-controller wtp-profile
# show wireless-controller vap
# diagnose wireless-controller wlac -c wtp
Provide the output of the following commands in the FortiAP where the problem occurs:
cfg -s
fap-get-status
date
fap-tech
Refer to this KB article for information on the FortiAP CLI, in case it is difficult to gather info from affected FortiAP, on last part it mentions how to enable SSH access to FortiAP:
https://community.fortinet.com/t5/FortiAP/Technical-Tip-How-to-check-why-FortiAP-got-Offline-from/ta...
All other diagnose commands from FortiAP mentioned in the above article were replaced by 'fap-tech' command on newer versions, as recommended in this article.
