FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
Description A CAPWAP session is initiated by the WTP (client) to the well-known UDP port of the AC (server). The CAPWAP control port and data port at the FortiGate is the well-known UDP port 5246 and 5247. There are two channels inside the CAPWAP tunnel:
1) The control channel (5246) for management traffic. 2) The data channel (5247) for carrying client data packets.
An administrator can modify/change the CAPWAP control port at the FortiGate and FortiAP.
Note. The port value is in the range of 1024-49150 (default-5246). Once an administrator changes the CAPWAP control port on FortiGate, the CAPWAP data port automatically set the next consecutive port number. As an example if ‘4444’ is selected as a CAPWAP control port than ‘4445’ will be the selected as CAPWAP data port.
The CAPWAP data port at the FAP can be any random port selected by the FortiAP.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.