Created on 10-28-2020 03:23 AM Edited on 12-07-2024 08:37 AM By ssanga
Description
This article describes the workaround for an issue where the users connected to an SSID operating in Tunnel Mode are unable to access Intranet/Internet.
Scope
FortiGate v7.0.15.
Solution
Users connected to the SSID in tunnel mode receive a DHCP IP address, but access to the Intranet/Internet fails to work as expected.
When sniffers are run on the SSID interface, VLAN-tagged traffic is observed from the FortiAP, even though VLAN tagging is not configured on the SSID.
This issue has been resolved in the below FortiOS versions.
Note that these timelines for firmware release are estimates and may be subject to change.
Workaround:
Disable capwap-offload on the FortiGate and restart the FortiGate cw_acd process:
config system npu
set capwap-offload disable
end
Restart the cw_acd wireless controller process:
execute wireless-controller restart-acd
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.