GUI support for WiFi SSID schedules (276425 269695 269668 )
WiFi SSIDs include a schedule that determines when the WiFi network is available. The default schedule is Always. You can choose any schedule (but not schedule group) that is defined in Policy & Objects > Objects > Schedules.
CLI Syntax
config wireless-controller vap edit vap-name
set schedule always end
The WiFi SSID list includes a Schedule column.
SSID Groups
An SSID Group has SSIDs as members and can be specified in any field that accepts an SSID.
To create an SSID Group in the GUI, go to WiFi Controller > SSID and select Create New > SSID Group. Give the group a Name and choose Members (SSIDs, but not SSID Groups).
To create an SSID Group in the CLI:
config wireless-controller vap-group edit vap-group-name
set vaps “ssid1” “ssid2” end
RADIUS Change of Authorization (CoA) support
The CoA feature enables the FortiGate to receive a client disconnect message from the RADIUS server. This is used to disconnect clients when their time, credit or bandwidth had been used up. Enable this on the RADIUS server using the CLI:
config user radius edit <server_name>
set radius-coa enable end
CAPWAP offloading to NPU
On FortiGates with the NP6 processor, offloading of CAPWAP traffic to the NP6 is enabled by default.
Administrative access to managed FortiAPs
By default, telnet access to a FortiAP unit’s internal configuration is disabled when the FortiAP is managed (has been authorized) by a FortiGate. You can enable administrative access in the FortiAP profile, like this:
config wireless-controller wtp-profile edit FAP321C-default
set allowaccess telnet end
The allowaccess field also accepts http to allow HTTP administatrative access. The FortiAP Profile allowaccess settings can be overridden at the individual FortiAP:
config wireless-controller wtp edit FP321CX14004706
set override-allowaccess enable set allowaccess telnet http
end
Improved monitoring
The WiFi Client Monitor under Monitor displays top wireless user network usage and information that includes Device, Source IP, Source SSID, and Access Point. Disk logging must be enabled.
Wifi Clients and Failed Authentication views under FortiView are historical views.