Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
The workaround until forti will fix is to add Access Point network to trusthost on the admin account.
For me the workaround is worked.
But better open support case to get online update directly form Forti Support.
Five months later, and I came across the same problem the other day. Working on the "fix" mentioned in the thread.
Fortigate 60F
Fortiswitch 108EPOE
Fortistich 124EFPOE
Fortiap 221E
Took out of box, set up, upgraded all machines to most recent firmware. And like the OP, once the fortigate was updated, the ap consistently shows as disconnected, whether plugged into the firewall or the switches.
Will comment about the success or failure of the "fix." Stay tuned if interested.
Having the same issue with FortiOS 6.2.3 1500D and FortiAP 421E 6.2.3.
The FortiAP retrieves the latest config but shows up as disconnected, no trusted hosts configured.
Anyone that are still experiencing the same issues?
Robin Svanberg Network Consultant @ Ethersec AB in Östersund, Sweden
robin.svanberg@ethersec.se
I just had this happen on a 100E in HA 6.2.7 with a FortiAp221E upgrading from 6.0 build 0075 to latest 6.2.x.
The AP used to have LLDP info on switch.
tried another switch port.
zero mac addresses in table and on port of powered up AP.
There are no trusted hosts ip addresses on the fortigate 100E configuration so that workaround is not valid.
The AP is on DHCP and the dhcp server is not getting or updating the DHCP lease time for the AP mac address.
i think it is bricked.
I am seeing the switch port flap up and down every 15 seconds.
mr_vaughn wrote:I have the exact same situation (except 200F instead of 100E). Did you found a solution?I just had this happen on a 100E in HA 6.2.7 with a FortiAp221E upgrading from 6.0 build 0075 to latest 6.2.x.
The AP used to have LLDP info on switch.
tried another switch port.
zero mac addresses in table and on port of powered up AP.
There are no trusted hosts ip addresses on the fortigate 100E configuration so that workaround is not valid.
The AP is on DHCP and the dhcp server is not getting or updating the DHCP lease time for the AP mac address.
i think it is bricked.
I am seeing the switch port flap up and down every 15 seconds.
All the above don't work for me.
Edit: Fixed it by adding "Security Fabric Connection" to the vpn interface (the ap was located after an ipsec-vpn) on the 200F side.
I also ran into this after an update. Access point FAP-221E has become a brick. There is no MAC-address on the port, when I try to connect the AP through the internal connector (seems rs-232) with a console cable, I see garbage. How to restore this AP? We don't have any support.
I got the same issue as OP.
Updated the 221E's to 6.2.3 because of its upgrade path to 6.4.6 but more than 60% of the AP's are now bricked. How is this even possible? trusthost trick does not work for me, especially because 40% of the AP's still work after the update.
Is there any solution for this problem yet? This topic had over 20k views so there are a lot of people looking for answers.
Thanks in advance!
Can we receive an update on this please?
Pls do understand that this platform is not a support portal and you normally can get much quicker response with the knowledge to your case through the forticare(our support system). we have teams dedicated to solve customer's issue. I did try to access your case but unfortunately I couldn't login for the time being.
Hi All.
You may try this: # config system global set ssl-static-key-ciphers enable set strong-crypto disable end
# execute wireless-controller restart-acd
It does happen if firmware upgraded to v6.4.5 or 7.0.0
Good luck.
Hey guys, i am a noobie,
but there is a solution that worked for me:
1)Delete the "Disconnected" FortiAP from : "WIFI & Switch Controller">Managed FortiAPs.
2)Enter the Cli
3)"config wireless-controller wtp"
4)"purge"
5)"y"
6)"end"
7)"execute wireless-controller reset-wtp all"
8)"y"
9)"execute wireless-controller restart-acd"
10) "execute ssh x.x.x.x(FortiAP IP)"
11)"cfg -x"
12)"cfg -c"
13)"reboot"
This solution worked out for me,
hope it helps someone :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.