DescriptionWhen trying to authorize FortiAPs (APs), this error occurs when the
maximum number of APs that can be connected to that FortiGate
device has been reached.
ScopeWe are using FGT60D as an example in this case. Every
FortiGate model has its own number of maximum values of Access
Points that can be connected.
When trying to authorize the 6th access point on the FGT60D,
an error "Value conflict system settings" is seen.
It means you have reached the maximum value for Access Points
connected in "normal mode"
To increase the number of FortiAPs associated with a FortiGate,
change the operational mode of some of the APs in "remote
mode". Changing FortiAPs to "remote mode" does place some
restrictions on these FortiAPs (see "Considerations" below).
60D has a maximum number of 10 APs. But only 5 of those
may operate in normal mode.
Considerations -- SSID Types & AP Mode
An SSID can be tunnel mode or local-bridge mode
A tunnel mode SSID can be assigned to an AP in normal mode but
not remote mode.
A local-bridge mode can be assigned to an AP in both normal
mode and remote mode.
a) tunnel-mode SSID
A tunnel mode SSID will work with a software
switch.
A software switch allows you to bridge a SSID in tunnel mode
to the LAN subnet, so they share an IP range.
b) local-bridge mode SSID
A local-bridge mode SSID does not require a software
switch
- by default the wireless client takes its IP from the subnet
of the AP, unless the SSID has a VLAN id associated with
it.
- if an SSID in local-bridge mode has a VLAN id associated
with it then the clients get their IP address from the
VLAN.
Solution
To create the bridged WiFi and wired LAN configuration, you
need to configure the SSID with the Local Bridge option so that
traffic is sent directly over the FortiAP unit’s Ethernet interface
to the FortiGate unit, instead of being tunneled to the WiFi
controller.
Tunnel is by default.
Enter the following command from the CLI:
config wireless-controller vap
edit "homenet_if" set vdom "root"
set ssid "homenet" set local-bridging enable
set security wpa-personal set passphrase
"Fortinet1"
end
config wireless-controller wtp
edit FAP22B3U11005354
set admin enable
set vaps "homenet_if"
set wtp-mode: normal <-----Bridge or Normal
end