Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mibekwe
Staff
Staff

Created on ‎07-29-2016 05:02 AM Edited on ‎01-25-2026 09:37 PM By Community Manager

Article Id 191594

Technical Tip: How to choose security mode for the wireless interface via CLI

Description

 
This article describes the steps for choosing the security mode for the wireless interface via CLI.
 
Scope
 
FortiGate.


Solution

 

CLI:
 
config wireless-controller vap
    edit <vap_name>
        set security <options>
end

Where <vap_name> is the name for this Virtual Access Point.
 
Available options for security:
 
open                                 Open
captive-portal                       Captive portal.
wpa-personal                         WPA/WPA2 personal.
wpa-personal+captive-portal          WPA/WPA2 personal with captive portal.
wpa-enterprise                       WPA/WPA2 enterprise.
wpa2-only-personal                   WPA2 personal.
wpa2-only-personal+captive-portal    WPA2 personal with captive portal.
wpa2-only-enterprise                 WPA2 enterprise.

Wireless users must use the same security mode to be able to connect to this wireless interface.

Starting with v7.4.4 and later, the captive portal is an independent setting, separated from the wireless authentication methods.

Troubleshooting Tip: How to set up a captive portal managed by FortiGate over a FortiAP SSID

Labels:
2516
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.