Help
FortiAP
FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
gvenkatesan
Staff
Staff

Created on ‎07-11-2025 06:27 AM

Article Id 400324

Technical Tip: FortiGate E Series Firewalls Unable to Manage FortiAP-231K access points

Description This article describes why certain E Series FortiGate firewalls are unable to manage the FortiAP-231K access point as expected.
Scope

FortiOS v7.4.5 GA and above, v7.6.1 GA and above.

FortiAP v7.4.5 GA.
Solution

Issue:

Some E Series FortiGate firewall models are unable to manage the FortiAP-231K running FortiOS version 7.4.5 (GA).

 

Note: This information has been updated in the Fortinet Compatibility Matrix.

 

Symptoms:

  • The FortiAP can discover the FortiGate as expected.
  • However, the FSM (Finite State Machine) state transitions repeatedly between SULKING and DTLS_SETUP.
  • This behavior can be observed via the FortiAP CLI using the command:

 

wcfg | grep fsm-state


Root Cause:

The FortiAP-231K lacks certain self-signed CA certificates, which leads to a failure during the DTLS setup phase.

 

Solution:

Upgrade the FortiAP-231K to firmware version 7.6.2 build 0972 GA to ensure proper management by the FortiGate firewall.
696
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.