FortiWLC Configure Controller Parameters From the Web UI

Configure Controller Parameters From the Web UI

To reconfigure an existing controller, click Configuration > Devices > Controller > [select a controller] > Settings. The following parameters can be configured from the Web UI with Level 10 permission:

  • Information for recognizing and tracking controllers such as the Description, Location, and Contact person
  • Whether or not APs should be Automatically Upgraded by a controller
  • DHCP Server address and DHCP Relay Passthrough (whether or not packets are actually passed to the DHCP server)
  • Statistics Polling Period and Audit Polling Period, which affect how often a controller refreshes data
  • Default AP Initialization Script (bootscript) that run on APs with no other script specified
  • Controller Index number used for identification (Note that changing this initiates a controller reboot.)
  • Whether or not the controller will interact with the AeroScout Location Engine and associated APs will interact with AeroScout Tags to provide real-time asset tracking
  • Whether or not Fastpath Mode is used. Fastpath Mode accelerates the rate that packets move through the Ethernet interface based on identification of an IP packet stream. When FastPath is enabled, the beginning of the IP packet stream is processed by the controller, and all subsequent packets of the same stream are forwarded according to the disposition of the initial packets, without being processed by the controller. This offloads a significant amount of processing from the controller.
  • Bonding Mode affects MC4200, MC5000, and MC6000 models. Single Bonding combines all Ethernet ports into one port for accelerated throughput. Dual Bonding configures two ports for the controller.

Configure Controller Parameters From the Web UI

  • Virtual Cell for AP400, or AP1000 is not determined by any controller setting.
  • Whether or not Dynamic Frequency Selection (DFS) is enforced. For installations within the United States, enforcing DFS means that channels 52-64 (5.25-5.35 GHz), 100-116 (5.475.725 GHz), and 136-140 (5.68-5.70 GHz) conform to DFS regulations, protecting radar from interference on these channels.
  • The number of minutes of station inactivity that causes a client to time out is set by the Station Aging Out Period.
Configure UDP Broadcast with Web UI

You can enable all UDP ports at once with the WebUI commands for upstream and downstream traffic. Fortinet does not recommend that you enable this feature on a production network because it could lead to broadcast storms leading to network outages. This feature is provided for testing purposes only.

You need to assign each ESS (see the chapter “Configuring an ESS.”) to a specific VLAN (see the chapter “Configuring VLANs.”) before enabling all UDP broadcast ports. Having multiple ESS’s in the default VLAN and enabling all UDP broadcast ports does not work.

To configure UDP broadcast upstream/downstream for all ports, follow these steps:

  1. Click Configuration > Devices > System Settings.
  2. Click the tab UDP Broadcast Ports.
  3. Determine the type of UDP Broadcast mode you wish to configure (Tunnel Mode or Bridge Mode) and click that Tab.
  4. Click Add.
  5. Check the type of UDP Broadcast rule you wish to configure, Upstream or Downstream.
  6. Enter a UDP Port Number in the range 1-65355 and then click Save. The port number now appears in the UDP Broadcast Port list.

Perform the above steps for as many ports as desired.

This entry was posted in Administration Guides, FortiWLC on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.