Hello all,
soooo strange behaviour. I have an Fortigate 60E OS7 with 2 Fortiap's 221C. This is running since years. Perfect signal, perfect pings. OS7 also since the first week it was released. Since about 2 Weeks. All clients except for one (an Lenovo Notebook), have unusable ping times and sometimes lose up to 80% of IP packets. The behaviour also takes place when the screens of the Android devices are permanently activated. Energy saving mechanisms are switched off. As always. A maximum of 6 clients are connected. All 5Ghz AC. So what have i done to solve the problem:
[ul]Really everything. Is it possible that both AP's are defective? How can it be that there is only one client that reaches a straight line in smokeping and does not lose any packets?
Here are the Screenshots from Smokeping. Does anyone here understand this? Or does anyone have an idea?
config wireless-controller wtp-profile
edit "FAP-221C"
config platform
set type 221C
end
set handoff-sta-thresh 30
set allowaccess https ssh snmp
set frequency-handoff enable
set ap-handoff enable
config radio-1
set band 802.11n-only
set short-guard-interval enable
set auto-power-level enable
set wids-profile "myprofile1"
set darrp enable
set vap-all manual
set vaps "ssid1" "surfen"
set channel "1" "6" "11"
end
config radio-2
set band 802.11ac-only
set short-guard-interval enable
set channel-bonding 80MHz
set auto-power-level enable
set wids-profile "myprofile1"
set darrp enable
set vap-all manual
set vaps "ssid1" "ssid2" "ssid3" "surfen"
set channel "40" "44" "48" "52" "56" "60" "64" "104" "108" "112" "116" "120" "124" "128"
end
next
end
Very Thanks and Best Regards
IPranger
Fortigate 60E v7.x (GA)
Hi ipranger,
really strange....
Some thoughts that came to my mind:
are the affected ssids tunnelled or local?
If tunnelled, is the Datachannel Security TLS or IPSEC?
Are Protected Management Frames enabled on the ssid?
Does it also occur without WIDS on the AP Profile?
Have you checked the AP´s CPU Load?
Unfortunately I have no 221C in reach to test it myself.
321C´s are working fine here.
jkassner wrote:Hi ipranger,
really strange....
Jup :p
jkassner wrote:are the affected ssids tunnelled or local?
Bridged. So no traffic over the fortigate directly. Only one tunnelled SSID only for guests.
jkassner wrote:Are Protected Management Frames enabled on the ssid?
Nice Feature, now yes.
jkassner wrote:Does it also occur without WIDS on the AP Profile?
Yes
jkassner wrote:Have you checked the AP´s CPU Load?
not yet
Fortigate 60E v7.x (GA)
Activating Protected Management Frames has unfortunately not resulted in any change.
Fortigate 60E v7.x (GA)
I configured now an Mikrotik exactly the same like the fortiap's and it works perfectly. So both ap's broken. Bad. I have already ordered a new 433F.
Fortigate 60E v7.x (GA)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.