FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
Potential fixes are added to the new FortiAP v7.4.3 GA. Therefore:
Upgrade FortiAPs to the new v7.4.3 build 0680 GA (upgrade in batches).
Enable 11ax on all radios in the FortiAP profile.
Apply BSS Color settings on all the SSIDs and the current FortiAP profile.
Note:
FortiAP radio will display the bss-color option only when 11ax is enabled in the FortiAP profile:
config wireless-controller wtp-profile edit <FortiAP-profile> config radio-1 set bss-color-mode static set bss-color 10 end
config radio-2 set bss-color-mode static set bss-color 10 end end
On all the SSIDs:
config wireless-controller vap edit <SSID> set bss-color-partial disable end
Thereafter, if the DHCP issue remains then validate if FortiAPs are on v7.4.3 GA and are BSS color settings applied in the latest FortiGate config.
If the config is good then get fap-tech, klog, latest FortiGate config, Wireless OTA capture, and AP uplink port-mirror captures (applicable for Bridge SSID) in the problem state.
Note:
Collect Wireless OTA for either Open or WPA2-PSK SSIDs. Make sure the capture covers the fresh WiFi user association phase (starting Probe Req/Response). To decrypt WPA2-PSK captures, get the SSID Name and Passphrase.
Other causes of the DHCP issue #0923964 are resolved on the new FortiAP v7.4.4 GA release: Resolved issues
Last resort: Disable 11ax as a temporary workaround.
If disabling 11ax on the FortiAP profile has not helped in resolving the DHCP issue then the cause of DHCP failure is most likely not related to FortiAP, instead, it can be an Infrastructure (FortiGate/DHCP Server/DHCP Relay) side issue.
Refer to the following KB articles links to debug DHCP issues on the FortiGate:
