FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 192051

This article provides the CLI commands that can be used to remove connected wireless client from a FortiGate.

The connected clients can only be removed via their physical MAC address and not by their given/provided/assigned IP address. Due to this, currently the removal can be only done via CLI.

Once the targeted client is removed from the FortiGate, the session on the physical device may show as still connected and take some time to show the correct status. When the targeted client is removed, the connected users would not be able to access to the current connected sessions immediately.

To list all connected connections:

  # diagnose wireless-controller wlac -d all

To list all connected client's MAC address:

  # diagnose wireless-controller wlac -c mac-table

To kill/remove the targeted client:

  # diagnose wireless-controller wlac kickmac <MAC Address: xx:xx:xx:xx:xx:xx>