Help
FortiAP
FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
Abin_FTNT
Staff
Staff

Created on ‎09-30-2014 06:00 AM Edited on ‎01-05-2026 12:30 AM By Community Manager

Article Id 197077

Troubleshooting Tip: Data to be captured for wifi performance issue troubleshooting

Description

 

This article describes which data should be captured for wifi performance issue troubleshooting. This data should be prepared before opening a ticket with the Fortinet TAC.
 
Scope
 
FortiAP.

Data collection should be performed during both off-peak and peak hours in order to obtain a comparison.


Solution

 

Data needs to be captured for one test laptop connected to the SSID. From the test PC, send continuous ping to wifi gateway IP.

On the FortiGate GUI, take screenshots of Wireless Health -> Client count over time (screenshots of 1h, 1 day, and 30 days must be captured).

On the FortiGate GUI, locate the test PC -> Client monitor, filter on 'device' using the test PC’s MAC address. Take a screenshot of this output.

On the GUI, select 'Managed FortiAPs' and make sure the 'join-time' column is selected. Take a screenshot.

Capture the following debug information (output must be logged to a file):

diagnose wireless-controller wlac -d wtp
diagnose wireless-controller wlac -c wtp
diagnose wireless-controller wlac -d sta
 
The information captured above is required to verify the status of the network when capturing the debug.

The live debug will start from now:

Set the admin timeout to 480 minutes to avoid unexpected Putty session time-outs. This can be reverted to defaults after capturing data.
 
  1. On the FortiAP:
  1. Open a first telnet session to the FortiAP where the test PC is connected, and capture dmesg on the FortiAP session must be logged to a file (dmesgbeforepeak.log and dmesgdureinpeak.log).


cw_diag repeat 10000 1 "dmesg -c"

 

This command will continuously capture the dmesg on the FortiAP, and a prompt will be returned after 10000 counts. If there is any ping lost, it should be captured on this output.

  1. At the same time, open another telnet session to the FortiAP and capture cw_debug on the FortiAP. The session must be logged to a file (cwdebug.log before and during peak hours).

 

FAP# # cw_debug on
FAP# # cw_debug app cwWtpd 0x7fff

 

  1. Air sniffer.

At the same time, a wireless sniffer must be taken near the test PC. Make sure there is NO filter on the air sniffer. The channel must be set to the one used by the test PC (association to FortiAP).

  1. On the FortiGate.

At the same time, on the FortiGate, the following information must be captured:

  • debug cw_acd on the FortiGate from SSH.
  • Sniffer trace on the FortiGate from SSH - session must be logged to a file.

To filter the traffic of FortiAP where the test PC is connected, the following must be done (this is an example) using:

 

diagnose wireless-controller wlac -c ws

 

Find the FortiAP WTP session of the FortiAP used by the test PC.

This is the output taken from a lab as an example:


-------------------------------WTP SESSION 2----------------------------
WTP session : 0-192.168.222.82:5246 CWAS_RUN  impacted FAP session
indev : 4(wan2)
in_ifIdx : 4(wan2)
mesh uplink : ethernet
id : FP221B3X11000009

 

Using the output above, use the following diagnose command to turn on the filter:

 

diagnose wireless-controller wlac wtp_filter FP221B3X11000009 0-192.168.222.82:5246 4


Then the following debug can be enabled

 

diagnose debug console timestamp enable
diagnose debug application cw_acd 0x7fff
diagnose debug enable


Note: As soon as the above commands are enabled, lots of logs will come up, but it will be possible to copy and paste below sniffer commands in the same window without any error.

Sniffer trace must be captured at the same time on the same SSH session:


diagnose sniffer packet any "host " 6 0 a


The output must be captured to a file (FGT.log before and during peak).

  1. Collect ping test results on STA (test PC).

While ping is running, take a screenshot whenever there is a ping loss and paste it into a Word file with the file name as sta_ping_log. Make sure ping timeouts and laptop time are visible on screenshots.

Leave the debug (1., 2., 3., and 4.) running during the time that the problem is present. The duration of the capture will depend on the presence of the problem (ping loss).

 
Collect logs below on FortiAP for detailed logs:
 
diagnose wireless-controller wlac show all
 
Collect logs below on FortiGate to verify any cw_acd is crashing, which may affect performance:
 
diagnose debug crashlog read
 
If the issue is not occurring in 5 to 10 minutes, start saving logs to a new file and ignore the old file.

To troubleshoot this issue, capturing during the problem state only will be helpful.

To analyze the data, open a support ticket and attach the zipped data along with the latest config file.
Labels:
11173
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.