web pages won't open through fortiap on a laptop and some mobile phones
I have 2 FAP221B configured with a FGT 70d in the tunnel mode with WPA2-Personal. Everything worked really well till we tried connecting some more devices to it as this was a demo i was performing. And suddenly we see that 2 nokia lumia and 2 android smartphones won't load any webpages at all in the browser. Also my own samsung ace won't even get to the internet.
While at the same time one samsung and one htc both android devices were getting full internet access for all apps and browsers.
Then i tried with a laptop just to see what's happening. Tracert and ping to google.com(means dns works) works but it just won't open any webpages in the browser, the browser simply acts like there's no internet. Then I saw skype was logged on so i did a test call to their server and that worked. I changed DNS server to 188.8.131.52 and still nothing in any of the browsers chrome,ff and ie.
The basic policy with full access is in use with no UTM features.
All the devices we used mostly don't even support 5GHz. So good to assume all were on 2.4 only.
I did not try with bridge mode, i am actually not aware what is the difference between the two. The fgt 70D datasheet says it supports 32 fortiaps maximum and 16 in tunnel mode. So the other is the bridge mode you are mentioning? Also what else would be different in bridge then in tunnel and why exactly this limit of 32 and 16?
The 70D controller should tell you what radio (24./5GHz) the clients are connected to. Tunnel mode requires more processing power in the Fortigate vs bridge mode but this shouldn't be an issue with only 2 APs on a 70D.
I went through the fortiap setup videos and they only demonstrated tunnel mode and as it goes with the demos only the steps are mentioned with no explanation at all.
But could this problem have to do with any of it, because on some phones everything just works fine. And even on the one laptop with the issue the pings work fine and so did skype, what could exactly prevent only the browser from getting to the internet?
I tried wireshark and i noticed some mention of malformed packets in the capture, i have no experience to troubleshoot with wireshark any more than that.
I'm sorry i don't really have that information now. But my best guess would be that none of the devices had 5GHz support anyway so they were all on 2.4GHz.
But now the next day my colleague went to the client for this same demo and one of the samsung phones on which the internet was working fine before can't get to the internet now and the other lumia phones and the laptop which had the issue can now get to the internet just fine.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.