FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
Description A CAPWAP session is initiated by the WTP (client) to the well-known UDP port of the AC (server). The CAPWAP control port and data port at the FortiGate is the well-known UDP port 5246 and 5247. There are two channels inside the CAPWAP tunnel:
1) The control channel (5246) for management traffic. 2) The data channel (5247) for carrying client data packets.
An administrator can modify/change the CAPWAP control port at the FortiGate and FortiAP.
Note. The port value is in the range of 1024-49150 (default-5246). Once an administrator changes the CAPWAP control port on FortiGate, the CAPWAP data port automatically set the next consecutive port number. As an example if ‘4444’ is selected as a CAPWAP control port than ‘4445’ will be the selected as CAPWAP data port.
The CAPWAP data port at the FAP can be any random port selected by the FortiAP.
FWF60DXXXXXX848 # config system global (global) # get . wireless-controller-port: 5246.
To set wireless control port.
FortiGate (global) set wireless-controller-port ? Enter an integer value from <1024> to <49150> (default = <5246>) FortiGate (global) set wireless-controller-port 4444 FortiGate (global) end
To get control port on FortiAP.
PU223ETFXXXXX86# cfg -s . AC_CTL_PORT:=5246 .
To set control port.
PU223ETFXXXXX86# cfg -a AC_CTL_PORT=4444 PU223ETFXXXXX86# cfg -c
