The FortiAPs i have connected to a Fortigate show offline.
The AP vlan has security fabric enabled, the FG version is 6.4.15 and the Switch version 7.4.2.
I have tried to factory reset the APs, reboot the fortigate and switch with no luck.
The APs are not getting an IP.
The dhcp server of the FG works as it should, as there are other devices connected and getting an IP from it.
I seen another post stating that I need to either upgrade or downgrade the AP firmware from the console access of the AP.
can someone tell me the process for this? I have looked online to no luck.
Just one of the diagnose outputs of an AP:
-------------------------------WTP 12----------------------------
WTP vd : root
vfid : 0
id : FP231FTF2309E48T
uuid : 3616ddf2-1eba-51ef-9777-531c42d0d742
mgmt_vlanid : 0
region code :
regcode status : valid
refcnt : 2 own(1) wtpprof(1)
apcfg status : N/A,N/A cfg_ac=0.0.0.0:0 val_ac=0.0.0.0:0 cmds T 0 P 0 U 0 I 0 M 0
apcfg cmd details:
plain_ctl : disabled
deleted : no
image-dl(wtp,rst): yes,no
admin : enable
cfg-wtp-profile : FAP231F-default
override-profile : disabled
oper-wtp-profile : FAP231F-default
wtp-mode : remote
cfg-apcfg-prof :
oper-apcfg-pro :
bonjour-profile :
wtp-group :
name : FP231FTF2309E48T
location :
led-blink : disabled
led-state : enabled
led-schedules :
poe-mode : auto
poe-mode-oper : invalid
ext-info-enable : enabled
ip-frag-prevent : TCP_MSS
tun-mtu : 0,0
split-tunneling-acl-path : local
split-tunneling-local-ap-subnet : disabled
active sw ver :
local IPv4 addr : 0.0.0.0
board mac : 00:00:00:00:00:00
join_time : N/A
mesh-uplink : ethernet
mesh hop count : 0
parent wtp id :
connection state : Disconnected
image download progress: 0
last failure : 0 -- N/A
last failure param:
last failure time: N/A
station info : 0/0
geo : World (0)
LAN :
rId : 3
cnt : 2
port 1 : mode offline(0)
port 2 : mode offline(0)
LLDP : enabled (total 0)
SNMP : enabled
Radio 1 : AP
country name : NA
country code : N/A
drma_manual_mode : ncf
radio_type : 11AX
channel list : 1 6 11
darrp : disabled
airtime fairness : disabled
bss color : 0
txpower : high 20 low 10 tgt -70 (calc 0 oper 0 dBm)
beacon_intv : 100
rts_threshold : 2346
frag_threshold : 2346
ap scan : disable
ap scan passive : disabled
sensor mode : disabled
ARRP profile : ---
WIDS profile : ---
wlan 0 : wlan1
wlan 1 : wlan2
wlan 2 : wlan3
max vaps : 8
base bssid : 00:00:00:00:00:00
oper chan : 0
noise_floor : 0
chutil : enabled
oper chutil time : N/A
oper chutil data : N/A
station info : 0/0
Radio 2 : AP
country name : NA
country code : N/A
drma_manual_mode : ncf
radio_type : 11AX_5G
channel list : 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 ...
darrp : disabled
airtime fairness : disabled
bss color : 0
txpower : high 20 low 10 tgt -70 (calc 0 oper 0 dBm)
beacon_intv : 100
rts_threshold : 2346
frag_threshold : 2346
ap scan : disable
ap scan passive : disabled
sensor mode : disabled
ARRP profile : ---
WIDS profile : ---
wlan 0 : wlan1
wlan 1 : wlan2
wlan 2 : wlan3
max vaps : 8
base bssid : 00:00:00:00:00:00
oper chan : 0
noise_floor : 0
chutil : enabled
oper chutil time : N/A
oper chutil data : N/A
station info : 0/0
Radio 3 : Monitor
ap scan passive: disabled
sensor mode : disabled
auto suppress : disabled
fgscan rptintv : 15
spectrum analysis: scan only
ARRP profile : ---
WIDS profile : ---
Radio 4 : Virtual Lan AP
max vaps : 0
base bssid : 00:00:00:00:00:00
station info : 0/0
Radio 5 : Not Exist
WAN/LAN stats :
uplink status :
get system arp
Address Age(min) Hardware Addr Interface
169.254.1.6 0 74:78:a6:d8:ca:06 fortilink
192.168.211.1 0 e8:1c:ba:bd:e1:05 vlan211
169.254.1.3 0 74:78:a6:d8:c9:70 fortilink
10.191.197.164 1 f2:21:13:5d:09:11 vlan56
169.254.1.5 0 74:78:a6:d8:cb:50 fortilink
10.192.197.170 0 76:1d:0e:78:27:b3 vlan57
192.168.216.1 0 e8:1c:ba:bd:e1:05 vlan216
10.187.197.164 0 f2:21:13:5d:09:11 vlan52
192.168.210.1 0 e8:1c:ba:bd:e1:05 vlan210
169.254.1.2 0 74:78:a6:d8:ca:42 fortilink
169.254.1.4 0 74:78:a6:d8:ca:f6 fortilink
ap vlan:
edit "vlan200fsw"
set vdom "root"
set ip 192.168.200.1 255.255.255.0
set allowaccess ping ssh snmp fgfm fabric
set alias "AP NMS LAN"
set device-identification enable
set role lan
set snmp-index 151
set auto-auth-extension-device enable
set interface "fortilink"
set vlanid 200
DHCP:
edit 17
set lease-time 3600
set dns-service default
set default-gateway 192.168.200.1
set netmask 255.255.255.0
set interface "vlan200fsw"
config ip-range
edit 1
set start-ip 192.168.200.2
set end-ip 192.168.200.254
next
Switch port config:
edit "port1"
set native-vlan 200
set allowed-vlans 30,50,101,4093
set untagged-vlans 4093
set dhcp-snooping trusted
set snmp-index 1
next
edit "port2"
set native-vlan 200
set allowed-vlans 30,50,101,4093
set untagged-vlans 4093
set dhcp-snooping trusted
set snmp-index 2
next
edit "port3"
set native-vlan 200
set allowed-vlans 30,50,101,4093
set untagged-vlans 4093
set dhcp-snooping trusted
set snmp-index 3
next
edit "port4"
set native-vlan 200
set allowed-vlans 30,50,101,4093
set untagged-vlans 4093
set dhcp-snooping trusted
set snmp-index 4
I am open to suggestions, please let me know :)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello efernandes,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hi efernandes,
Seems like the FortiAP is not getting the IP address from FGT. Please ensure that the FortiGate is configured as DHCP server and as a local NTP server on the actual physical interface that the FortiAP is connected to.
You may also refer to this link for more troubleshooting procedure:
https://community.fortinet.com/t5/FortiAP/Troubleshooting-Tip-FortiAP-Offline-Complete-Consolidated/...
Yes, its not getting an IP and the DHCP has been set for the AP vlan. The APs just dont request an IP from the FG.
what do you mean by on the actual physical interface?
Hello everyone, Sorry I've been away. But this issue turned out to be a weird physical port connectivity which would erratically work. The device has been replaced and the issue has been resolved.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1631 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.