- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: Old fortiAP problem to connect fortigate
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Old fortiAP problem to connect fortigate
maybe some one know how to repair old ap to be able to connect to fortigate.
FortiAP log:
01604.070 cwDtlsSslInitClient 0x101f3168 0x101f2b90 0x101cf138
01604.071 cwDtlsInfoCbFn: failed(?); DTLS connect:SSLv3 read server hello A
01604.072 cwEventFdsUpdate: updated fds. Curr gNumEventFds: 9. gMaxFd: 28
01604.073 cwDtlsInfoCbFn: failed(?); DTLS connect:SSLv3 read server hello A
01604.074 cwWtpDtlsThread: handshake was not successful! Fatal error: 5
01604.121 cwDtlsInfoCbFn: failed(?); DTLS connect:SSLv3 read server session ticket A
01604.122 cwWtpDtlsThread: handshake was not successful! Fatal error: 5
01604.142 cwDtlsCertVerify Cert Error (10: certificate has expired)
01604.142 =================================================
01604.142 cwWtpDtlsThread cwDtlsCertVerify failed
01604.142 =================================================
01604.142 cwWtpDtlsThread: Own Certificate
01604.143 cwWtpDtlsThread: Peer Certificate
01604.144 wlan_set_led led 4 state 3
01604.144 cwDevIoctl_ifru_data wldvlan 89f0 ERR - Invalid argument
01604.145 cwDevIoctl_vbr_ifru_data cmd drv ERR - Invalid argument
01604.145 cwWtpKernDvlanSetFlush 1 ERR - Invalid argument
01604.147 Unsupported scan mode change DISABLE ==> DISABLE
01604.147 cwDtlsInfoCbFn: DTLS ALERT: (write) warning:close notify
01604.147 cwWtpDtlsSessionStop_chan SSL_shutdown rc 0
01604.148 CWWS_DTLS_TD_enter FailedDTLSAuthFailCount 0 FailedDTLSSessionCount 0 max 3
01604.149 cwEventFdsUpdate: updated fds. Curr gNumEventFds: 7. gMaxFd: 16
01606.070 wlan_set_led led 4 state 1
01607.069 SYNC local time to 2023-01-26 21:43:23 based on AC (10.10.130.1) TS
01607.070 cwDtlsSslInitClient 0x101f3168 0x101f2b90 0x101cf138
01607.071 cwDtlsInfoCbFn: failed(?); DTLS connect:SSLv3 read server hello A
01607.072 cwEventFdsUpdate: updated fds. Curr gNumEventFds: 9. gMaxFd: 28
MVP
MVP
Labels:
- Labels:
-
FortiAP
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you specify which version of AP/FGT are you trying to match?
You can try to manually disable DTLS as described here:
https://docs.fortinet.com/document/fortiap/7.2.1/fortiwifi-and-fortiap-configuration-guide/350248/wi...
- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
If you have found a solution, please like and accept it to make it easily accessible for others.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I try to match
Fortigate: 6.2.12
FortiAP-210B v5.2,build0265,180118 (GA)
no luck after turning dtls off. Error looks the same whit certificate error. :\
MVP
MVP
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yeah no matter what this ancient AP will offer an awful user experience to any wireless clients connected to it. I would also suggest upgrading your FortiGate firmware as well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please review the compatibility matrix: https://docs.fortinet.com/document/fortiap/6.4.0/fortiap-and-fortios-compatibility-matrix/495193/for...
The 210B is not listed as a supported AP under FOS 6.X.
Cheers,
Graham
Graham
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That looks like a very old AP, it's trying to use SSLv3 that is deprecated for a long time. The oldest firmware on Fortinet's documentations is 5.4 and this specific AP is not mentioned on the release notes. The only document I could find is this one: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/ec78e486-1eab-11e9-b6f6-f8bc12...
- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
If you have found a solution, please like and accept it to make it easily accessible for others.
Related Posts
Labels
-
FortiGate
6,457 -
FortiClient
1,290 -
5.2
801 -
5.4
639 -
FortiManager
562 -
6.0
416 -
FortiAnalyzer
411 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
68 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
BGP
11 -
DNS
11 -
Interface
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.