I'm trying to set up a couple of APs. I got the AP set up in the FortiGate unit but it's being blocked by the local-in-policy. Am I even looking at the correct local-in-policy? I even tried setting the deny to accept on the 2nd and 4th policies. Only wan1 is active; wan2 is disabled. These are configured for SD-WAN. We stopped using the 2nd WAN some time ago, I just haven't reconfigured the FortiGate unit. Any advice on getting the AP connecting would be greatly appreciated.
Devices:
FortiAP 421E - v6.0.5 - 192.168.1.178
FortiGate 200D - v6.0.5 - 192.168.1.100

    config firewall local-in-policy
        edit 1
            set intf "wan1"
            set srcaddr "usa"
            set dstaddr "all"
            set action accept
            set service "ALL"
            set schedule "always"
        next
        edit 2
            set intf "wan1"
            set srcaddr "all"
            set dstaddr "all"
            set service "ALL"
            set schedule "always"
        next
        edit 3
            set intf "wan2"
            set srcaddr "usa2"
            set dstaddr "all"
            set action accept
            set service "ALL"
            set schedule "always"
        next
        edit 4
            set intf "wan2"
            set srcaddr "all"
            set dstaddr "all"
            set service "ALL"
            set schedule "always"
        next
    end

Local Traffic log entry looks like this:
General Date 2019/06/11 Time 09:17:18 Duration 0s Session ID 1121662 Virtual Domain root
Source IP 192.168.1.178 Source Port 35246 Country/Region Reserved Primary MAC 70:4c:a5:52:98:40 Source Interface lan Host Name FP421E3X17006836 Device Type Fortinet Device OS Name FortiAP
Destination IP 192.168.1.100 Port 5246 Country/Region Reserved Destination Interface root
Application Application Name Local Wireless Controller Category unscanned Protocol udp Service udp/5246
Data Received Bytes 0 B Sent Bytes 0 B Sent Packets 0
Action Action deny Threat 262144 Policy 0 Policy Type local-in-policy
Security Level Threat Level low Threat Score 5
Other Device Category Fortinet Device Source Interface Role lan Log ID 14 byod_name FP421E3X17006836 Protocol Number 17 roll 63521 byod_device fortinet-device Log event original timestamp 1560259037 Destination Interface Role undefined Source Server 0 Sub Type local
I did not have the CAPWAP enabled on the FortiGate internal interface. Enabled it and a minute or two later the unit status is now showing Online. Thank you very much!
Now to cancel the ticket. I tried Support Chat first and they forwarded it to support.