Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MaSh1310
New Contributor

Fortigate 300C AP Setup

I am new to whole Fortinet setup but I manage to understand the basics. Actually I am in a bind as to the problems that we are facing. we have the following in our Fortinet network:

[ul]
  • Fortigate 300C firewall v5.2.11,build754(GA)
  • FortiSwitch 124E-POE v3.6.8, build4324, 180901 (GA)
  • FortiAP U221EV v5.4, build0065, 181017 (GA)[/ul]

    Now the SSID that being broadcasted by AP is in ForitCloud. And we have not configured 300C as wireless controller as it is end of life and cannot support the APs.

    We are experiencing great latency ( >1000ms ) when we try to transfer a single file ( suppose 50MB ) from a laptop to another and there is network drop in between. Sometimes the SSID even goes out of range.

    We have logged a support case for the same in Fortinet but even they are facing issues in resolving it.

    Is there a way of configuring the SSID in Fortigate either by downgrading the APs and POE Switch or by upgrading the firmware of the firewall or by both?

     

    I know the definite solution will be upgrading to the new firewall like 600C but since we are out of budget we have kept the up-gradation on hold for next year.

     

    Thanks in advance.

     

  • 4 REPLIES 4
    ede_pfau
    Esteemed Contributor III

    I'm puzzled that you are not able to manage the AP from the FGT. Is it because of the firmware version mismatch (v5.2 vs v5.4)? If so, downgrade the AP to a compatible version, or, better still, upgrade the FGT to v5.4.10 (latest) if possible. You'd benefit from the advanced features in v5.4 anyway, independent of the wireless controller.

     

    As even FG-60Cs can manage some FAPs I can't see why a FG-300C wouldn't be able to do that. This is not a matter of performance IMHO.

    And forget about the FSW. It's firmware version doesn't influence the CAPWAP traffic in any way. If in doubt, replace it by a simple cable and feed 12 volts DC to the AP (from any decent plug-type PSU).

     

    The Universal AP will look for a WLC in the network after booting, then for a FGT. If it finds one (CAPWAP enabled on the common interface), it will boot into a different firmware and behave like any simple FAP.


    Ede

    "Kernel panic: Aiee, killing interrupt handler!"
    Ede"Kernel panic: Aiee, killing interrupt handler!"
    MaSh1310

    Thanks for the reply. As far as going for 5.4, my seniors have told me that they have tried to upgrade the firewall but had to revert back because the cpu had went berserk according to them. I don't know which upgrade they were trying to do, but I guess we have to give it a try.
    ede_pfau
    Esteemed Contributor III

    I guess downgrading the U-FAP won't be possible, right? Did you try to manage the FAP from the FGT? If impossible, why? What kind of errors are you facing?


    Ede

    "Kernel panic: Aiee, killing interrupt handler!"
    Ede"Kernel panic: Aiee, killing interrupt handler!"
    Fullmoon

    experience this concern before, no error appeared on the logs. Its just like FGT 300C unable to managed the updated AP version.AFAIK, FGT 300C supports 5.2.x only (latest version).

    Fortigate Newbie

    Fortigate Newbie
    Labels
    Top Kudoed Authors