FortiAP
FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
pverma
Staff
Staff
Article Id 198651
Description
A CAPWAP session is initiated by the WTP (client) to the well-known UDP port of the AC (server).
The CAPWAP control port and data port at the FortiGate is the well-known UDP port 5246 and 5247.

There are two channels inside the CAPWAP tunnel:

1) The control channel (5246) for management traffic.
2) The data channel (5247) for carrying client data packets.

An administrator can modify/change the CAPWAP control port at the FortiGate and FortiAP.

Note.
The port value is in the range of 1024-49150 (default-5246).

Once an administrator changes the CAPWAP control port on FortiGate, the CAPWAP data port automatically set the next consecutive port number.
As an example if ‘4444’ is selected as a CAPWAP control port than ‘4445’ will be the selected as CAPWAP data port.

The CAPWAP data port at the FAP can be any random port selected by the FortiAP.

Related links.
https://docs.fortinet.com/document/fortigate/6.0.0/fortinet-communication-ports-and-protocols/534827...
page# 156 https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/b92a67f9-73a6-11ea-9384-005056...
Refer the FOS CLI Reference – Go to system -> system global -> Configure Global Attributes: https://docs.fortinet.com/document/fortigate/6.4.0/cli-reference/1620/system-global

Solution
To get wireless control port on FortiOS.
FWF60DXXXXXX848 # config system global
(global) # get
.
wireless-controller-port: 5246.
To set wireless control port.
FortiGate (global) set wireless-controller-port ?
Enter an integer value from <1024> to <49150> (default = <5246>)
FortiGate (global) set wireless-controller-port 4444
FortiGate (global) end
To get control port on FortiAP.
PU223ETFXXXXX86# cfg -s
.
AC_CTL_PORT:=5246
.
To set control port.
PU223ETFXXXXX86# cfg -a AC_CTL_PORT=4444
PU223ETFXXXXX86# cfg -c

Contributors