Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
COA
New Contributor II

FortiAP 7.0.6 tunnel mode SSID sometimes cannot get the IP.

FortiOS 7.0.11 (Fortigate 201F HA A-P, SD-WAN with dual WAN)

FortiAP 7.0.6

 

SSID1: Bridge mode, get IP from Windows DHCP Server.

SSID2: Tunnel mode, get IP from tunnel interface.

SSID3: Tunnel mode, get IP from tunnel interface.

 

After I completed the configuration, 3 SSID connect normally and can access the internet. But when I switch/disconnect, forgot SSID and reconnect those 3 SSID several times, my laptop PC can not get the IP address from tunnel mode SSIDs, but my Android phone keeps normal.  Bridge mode SSID is normal in laptop PC and Android phone. 

 

I have no idea why this happens. But After I downgrade the AP firmware to 7.0.4, the issue seems clear. 7.05 not test.

 

Is this the AP 7.0.6 version bug?  or my configuration error?

 

Thanks and regards,

Gavin

4 REPLIES 4
ebilcari
Staff
Staff

For SSIDs in tunnel mode I suppose you have configured FGT to be the DHCP server. Is the subnet and the pool large enough to handle all the users that connects on that SSID?

DHCP leases can be checked from GUI or via cli: execute dhcp lease-list
In my opinion the AP is not playing a crucial role for the DHCP in this scenario. If this is an open SSID where many users connect you can try to increase the subnet or lower the Lease time (~3600 s).

 

If you want further details you can try enabling the debug for DHCP in FGT:

diag debug application dhcps -1

diag debug enable

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
COA
New Contributor II

Thanks for the reply.

 

The tunnel mode SSID interface is the DHCP server and gateway, and the pool is more than 200 IP, but in my test only 6 devices connect to the SSID.

 

In some tests, my devices can get the IP address, but I can not ping the gateway, so can not access the internet.

 

Thank you.

Gavin

ebilcari

I see, so it looks like the problem is related to the communication and not the DHCP functions itself. I found a reported issue "Wi-Fi clients would randomly get disconnected when FortiAP was sending statistics data to the FortiGate" that is going to be fixed on 7.0.7.
If the APs are under support you can open a TAC case to follow up. Otherwise if the setup is stable on 7.0.4 you can use this version until 7.0.7 will be published.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
COA
New Contributor II

Thanks for the update.

The end-user using 7.0.4, and it seems to work fine.

So they will keep this version at this moment.

 

Thank you again.

Gavin

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors