I have some issues with the Fortinet APs.
We installed 69 431F AP in a company and we are noticing interferences in both radios but specially in 2.4GHz.
We started disabling the 2.4Ghz in some of the APs and we see less interferences, but I am not sure if this is the best practice disable the 2.4Ghz completely? does that will cause issues of coverage?
OR
Is it better to play with the power transmit in place of disabling the radio completely?
If this is a high density deployment than yes, the 2.4 GHz band will have a lot of interference. You can try by setting the power to auto and lowering the minimum transmit power range (ex. starting from 3 dBm) for this band. You can also carefully plan to disable this band on some of the APs for areas that are already covered by other APs. If most of the end hosts are modern/smart devices is always recommended to configure also band-steering.
I have already started playing with the transmit power. I put it in the range from 4 to 9 dbm But I still see a strong interference between APs.
what about outdoor APs (432F), is it recommended to disable 2.4Ghz on them also? is it going to cause coverage issues for people in the yard outside?
I would suggest to lower only the minimum transmit power to 3dBm, the maximum value can be left to 21, the controller will lower the transmit power according to the surrounding APs. The 2.4Ghz band offers better coverage and for outdoors AP it should be used also because usually there are no high density AP deployed outside.
The interference will always be present and may not be a direct indication of the quality of service in the end host. To investigate further it's better to focus on problematic clients and monitor their statistics:
The "Signal Strength/Noise" and "Transmission Discard/Retry" are the most important indicators (keep in mind that even though it's showing the quality from the client PoV the calculations are done from the AP).
You’ve not listed what issues you’re having - can you give some examples? I’ve got some older ones running and they’re solid, got one recently EOO’d that I got for a project to deliver WFH wireless and LAN and it worked well but WiFi on the iPhone was patchy. Mostly ok.
it is a purely Wi-Fi environment. Some of the issues is that people complaining that the Wi-Fi disconnect for few seconds and connect again automatically where other people wouldn't be able to connect unless they reboot laptops and sometimes it says "no internet, secured" even after the reboot. when I check in firewall, I see that these persons are connected and have the correct vlan, but they do not have internet because of interferences. In this case I usually reboot the AP.
Hi Assiamour,
A couple of points:-
1. Looking at your screenshot it looks like most of your APs are using "default" channels (either channel 1 for 2.4GHz or channel 36 for 5GHz).
You should set up (and schedule to run regularly) Distributed Radio Resource Provisioning:-
This will help automatically optimize the channels in use across the 69 APs (for both 2.4 and 5GHz) to give you the best channel usage in your environment.
2. 2.4GHz channel bandwidths.
The 2.4GHz band is rather limited- in fact it only has 3 or 4 20 MHz channels available in most parts of the world. If you have 69 APs then you will always have interference as those channels need to be reused on multiple APs.
The situation is even worse if you use 40MHz channels on the APs (which I believe the 431s support). In this case you have only 1 or 2 channels available (implying that ever other AP will be using the same 2.4GHz channel).
I can't see it mentioned in any of the Fortinet recommendations for dense WiFi environments- but the recommendation should be to only use 20MHz bandwidth on your APs for the 2.4GHz band.
Clients that need higher bandwidth will likely roam to the 5GHz band (make sure you have band steering enabled- covered by other of the other people who replied).
The FortiAPs are pretty good- if you follow the advice on this thread they should work well in your environment.
Kind Regards,
Hi Andy,
First of all, Thanks for the detailed reply.
1- you are right, Radio Resources Provisioning was not enabled on both. I enabled it and I will monitor the behavior. Thanks for this info!
2- Yes, Frequency Handoff is enabled too. and I always use 20MHz in 2.4Ghz Radio.
I would like to get your opinion about disabling 2.4Ghz in all internal APS ( 1 AP every 2 classes) ? is it a solution or we should leave some of the APs on 2.4Ghz also?
Hi Assiamour_,
Good update- glad you are making progress.
1. That's good- I suspect that will solve a lot of your issues. I schedule Radio Resources Provisioning to run overnight. It might take a few days to get an "optimum" plan but I suspect that will help a lot.
I think the automation should help you get this sorted. Manually disabling specific APs sounds like an operationally painful approach. You really want to get this working as you want without too much further management.
Witht that in mind I would suggest looking ar your AP profile and checking:-
- Schedule Radio Resources Provisioning to run over night (some devices just don't seem to roam well and channel during work hours can cause more user problems).
- Set auto Tx powers to minimise interference. I use 5 to 12 dBm auto Tx for 2.4GHz and 10 to 17 dBm auto Tx for 5GHz you may want to try a bit lower, but it will depend on your network. Ideally a similar coverage area for both bands is what you want (and worth noting the issues you see on 2.4GHz will exist in the 5GHz band- you just perhaps haven't seen that so badly yet).
- disable "short guard interval". It probably doesnt help you here if it is enabled.
- in cli "set max-distance 30" (metres) for both radios. This helps an AP ignore more distant clients (which should have roamed to a nearer AP)
- in cli "set max-clients 100" (or similar value) to ensure you don't end up with too many clients on one AP.
- in cli "set airtime-fairness enable" which again helps with distant clients (https://docs.fortinet.com/document/fortiap/7.4.2/fortiwifi-and-fortiap-configuration-guide/794313/ai...).
- in cli "set 80211d disable" if 802.11d is not required.
On your SSIDs
- make sure you have 802.11k, 802.11v and fast BSS transition enabled. These settings will help encourage client roaming.
- adjust your airtime fair settings if you need too.
2. That makes a lot of sense.
What drove the 69 AP number? Did Fortinet or someone do some planning for you? Without know more details of what buildings you have, AP spacings etc it's hard to know.
My feeling would be that if you are turning off the 2.4GHz radio then the AP is probably not needed. As I said about you really want the 2.4GHz and 5GHz coverage from an AP to be similar. So if the 2.4GHz coverage isn't required probably the 5GHz is also not need either.
These are good products and the documentation is pretty good really. But it does take some config to get right.
Kind Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.