FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes a FortiAPs offline after upgrading to FortiOS 7.0 due to 3DES and SHA1 and being removed from the list of strong cryptographic ciphers. Refer to the release notes for current FortiAP models ending with E and F for compatibility versions.
Scope
When using Legacy FortiAP models whose names end with the letters B, C, CR, or D.
Solution
To allow legacy FortiAP's connections with weak cipher encryption by entering the following in the FortiOS CLI:
# config system global
set ssl-static-key-ciphers enable set strong-crypto disable
end # execute wireless-controller restart-acd <--- to restart wireless controller deamon.
