Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
sachitdas_FTNT
Staff
Staff

Created on ‎09-10-2024 04:28 AM

Article Id 340275

Technical Tip: Managed FortiSwitch Capwap discovery process

Description This article describes the Capwap discovery process on a FortiSwitch managed by FortiGate.
Scope Managed FortiSwitch version 7.x and above.
Solution

FortiSwitch discovers the FortiGate using CapWap port 5246 and the Capwap process name responsible for FortiSwitch is cu_swtpd

Below is the discovery process on the FortiSwitch.

 

FortiSwitch# diagnose debug application cu_swtpd -1

 

  • CapWap discovery:

 

00094.011 msgType : 1 DISCOVERY_REQ
00094.012 seqNum : 6
00094.014 msgElemLen : 213
00094.016 flags : 0
00094.020 intf internal, vd:root, opmode:NAT, type:0, mode:1, ifIdx: 23 ip 10.255.1.2 ipv6 ::
00094.022 cw_bmcast_send_intf send 268/268 bytes through intf internal
00094.032 cwAddTimer: CWTMR_DISCOVERY_INTERVAL Id 17 T 1s with fire time 95
00094.034 CWWS_DISCOVERY_enter 531: cwAddTimer DiscoveryInterval success.
00094.041 cw_rx_pktinfo 107B 10.255.1.1:5246 -> 10.255.1.2
00094.057 CAPWAP Control Header Dump:
00094.060 msgType : 2 DISCOVERY_RESP
00094.067 cwWtpProcPlainCtlMsg: received DISCOVERY_RESP from 10.255.1.1/5246

 

  • DTLS setup:

 

00095.030 CWWS_DTLS_SETUP_enter 1165: cwAddTimer WaitDTLS success.
00095.032 cwDtlsSslInitClient: Client Certificate

00095.763 cwDtlsMsgCbFn: [incoming] TLS 1.2 Handshake [length 5917 (0x171d)], Certificate

00095.961 cwDtlsInfoCbFn State 1001 ret 1 ssl->state 8 StatePtr SSLv3/TLS read server certificate request
00095.963 cwDtlsMsgCbFn: [incoming] TLS 1.2 Handshake [length 12 (0x000c)], ServerHelloDone

00096.045 FSM WTP -> AC (10.255.1.1/5246) State: CWWS_DTLS_SETUP (5) connect 3 live 1 dbg ffffffff Pkts 0 0

00096.057 FSM: old CWWS_DTLS_SETUP(5) ev CWWE_DTLS_PEER_ID_RECV(10) new CWWS_DTLS_AUTHORIZE(6)
00096.066 FSM: old CWWS_DTLS_AUTHORIZE(6) ev CWWE_DTLS_AUTH_PASS(13) new CWWS_DTLS_CONN(7)

00096.075 FSM: old CWWS_DTLS_CONN(7) ev CWWE_DTLS_ESTABLISHED(15) new CWWS_JOIN(9)

 

  • Join:

00096.077 cwWtpSendJoinReq: sending JOIN REQ msg.

00096.317 FSM: old CWWS_JOIN(9) ev CWWE_JOIN_RESP_RC_SUCC_IMAGE_SAME(23) new CWWS_CONFIG(11)

 

  • Configuration:

00096.335 CWWS_CONFIG_enter 1495: cwDelTimer WaitDTLS success.
00096.337 CWWS_CONFIG_enter: ver=FWF60F-v7.4-build2662 major=7 minor=4 opt=1
00096.385 cwWtpSendCfgStatusReq: sending CFG STATUS REQ msg.

00096.565 FSM: old CWWS_CONFIG(11) ev CWWE_CONFIG_STATUS_RESP_SUCC(36) new CWWS_DATA_CHECK(12)

 

  • Data Check:

00096.565 FSM: old CWWS_CONFIG(11) ev CWWE_CONFIG_STATUS_RESP_SUCC(36) new CWWS_DATA_CHECK(12)
00096.566 CWWS_DATA_CHECK_enter CONFIG_STATUS_RESP change EchoInterval 30 MaxDiscoveryInterval 5
00096.578 CWWS_DATA_CHECK_enter CONFIG_STATUS_RESP change ReportInterval 30

 

  • Run:

00096.754 FSM: old CWWS_DATA_CHECK(12) ev CWWE_CHANGE_STATE_EVENT_RC_SUCC(39) new CWWS_RUN(13)

00097.914 FSM WTP -> AC (10.255.1.1/5246) State: CWWS_RUN (13) connect 3 live 1 dbg ffffffff Pkts 0 0

00097.109 FSM: old CWWS_RUN(13) ev CWWE_CFG_UPDATE_REQ_RECV(41) new CWWS_RUN(13)

00097.111 CWWS_RUN_enter CFG_UPDATE_REQ change StatisticsTimer 120

00097.170 CWWS_RUN_enter: sending CFG UPDATE RESP msg.

 

1348
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.