Hello all,
hat problems with my 9/10 year old Fortigateconfig, so i reconfigured everything new on 6.4.3 per hand. Since the new setup, sometimes i'am not able to connect to 5Ghz on my two 221C anymore. Only a reboot, disable enable 5Ghz/SSID helps. The strange thing is i see the SSID and if connect sometimes the connection works, but with really really poor signal in log of the fortigate. But on the client side it shows me a really good/best signal.
This day on 08:55 AM all Clients where disconnced. Before that it ran for a few days without any problems. That has been the case a few times now. An update to 6.4.4 didn't help either. FortiAPs are on the last available firmwareversion.
here are my AP Configs:
config wireless-controller wtp-profile
edit "FAP-221C"
config platform
set type 221C
end
set handoff-sta-thresh 30
set allowaccess https ssh snmp
set frequency-handoff enable
set ap-handoff enable
config radio-1
set band 802.11n-only
set short-guard-interval enable
set auto-power-level enable
set wids-profile "osit"
set darrp enable
set vap-all manual
set vaps "bodyguide-dev" "surfen"
set vap1 "surfen"
set vap2 "bodyguide-dev"
set channel "1" "6" "11"
end
config radio-2
set band 802.11ac-only
set short-guard-interval enable
set channel-bonding 80MHz
set auto-power-level enable
set wids-profile "osit"
set darrp enable
set vap-all manual
set vaps "wlan-bodyguide" "bodyguidemobile" "surfen"
set vap1 "surfen"
set vap2 "wlan-bodyguide"
set vap3 "bodyguidemobile"
set channel "36" "40" "44" "48" "52" "56" "60" "64" "100" "104" "108" "112" "116" "120" "124" "128"
end
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
next
end
config wireless-controller wids-profile
edit "default-wids-apscan-enabled"
set ap-scan enable
next
edit "my-special-default"
set ap-scan enable
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set assoc-frame-flood enable
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-logoff-flood enable
set eapol-succ-flood enable
set eapol-fail-flood enable
set eapol-pre-succ-flood enable
set eapol-pre-fail-flood enable
next
end
It doesn't depend on the SSID. Then I move "surfing" to 5Ghz only, then it doesn't work anymore. So it only affects 5Ghz.
Very thanks and best Regards
Fortigate 60E v7.x (GA)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I have found on the 221B WAP that channel bonding will eventually hose the connections and rebooting is the only resolution. Try removing the channel bonding and see if the problem goes away.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Hello @rwpatterson, thanks for you answer, i've unset the channelbonding, but if i do that only 20Mhz are possible, so very slow network. But ok, i test it the next days. :)
Fortigate 60E v7.x (GA)
@rwpatterson
very thanks it works now. 80Mhz is enabled, but all other flags with the channels are disabled.
Fortigate 60E v7.x (GA)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.