FortiWLC – Automatic AP Upgrade

Automatic AP Upgrade

The automatic AP upgrade features is enabled by default. It allows an AP’s firmware to be automatically upgraded by the controller when the AP joins the WLAN. An AP cannot provide service (and consequently be part of the WLAN) if its firmware is at a different level than that of the controller.

When an AP initiates its discovery phase, the controller checks the firmware version and initiates an upgrade if the version is not at the same level as that of the controller. This feature simplifies the process of adding and maintaining a group of APs on an existing WLAN.

When the automatic AP upgrade feature is enabled, you can check the upgrade status of affected APs through syslog messages and SNMP traps that warn of an AP/controller software version mismatch. An alarm is dispatched to an SNMP manager if a mismatch exists. After the firmware is downloaded to the AP, the AP boots, attempts discovery, is checked, and after upgrading, runs the new software version. Once the match is confirmed, another set of syslog messages and SNMP traps are sent notifying that the AP/controller software versions match. Alarms are then cleared.

To disable this feature:

default# auto‐ap‐upgrade disable default# show controller

Global Controller Parameters

Configure Gain for External Antennas

Controller ID                                         : 1

Description                                           : 3dot4dot1 Controller

Host Name                                             : DC9

Uptime                                                : 03d:01h:17m:33s

Location                                              : Qa scale testbed near IT room

Contact                                               : Raju

Operational State                                     : Enabled

Availability Status                                   : Online

Alarm State                                           : No Alarm

Automatic AP Upgrade                                  : off

Virtual IP Address                                    : 192.168.9.3

Virtual Netmask                                       : 255.255.255.0

Default Gateway                                       : 192.168.9.1

DHCP Server                                           : 10.0.0.10

Statistics Polling Period (seconds)/0 disable Polling : 60

Audit Polling Period (seconds)/0 disable Polling      : 60

Software Version                                      : 3.7‐49

Network Device Id                                     : 00:90:0b:07:9f:6a

System Id                                             : 245AA7436A21

Default AP Init Script                                :

DHCP Relay Passthrough                                : on

Controller Model                                      : mc3200

Country Setting                                       : United States Of America

Manufacturing Serial #                                : N/A

Management by wireless stations                       : on

Controller Index                                      : 0

Topology Information Update                           : off Viewing AP Status

From the Web UI, view AP radio status by clicking Monitor > Dashboard > Radio or Monitor > Diagnostics > Radio. Click Help for descriptions of the charts. The icons at the bottom of all screens include a green AP (enabled) and a red AP (disabled); you can also see the same information at Monitor > Dashboard > System.

There are several CLI commands you can use to view AP status:

Automatic AP Upgrade

TABLE 26: Commands to View System Status

Command Purpose
show ap [index] Displays the status of the AP, such as serial number, uptime, operational status, availability, alarm state, security mode, privacy bit, boot script, AP model, and FPGA version. If the AP index is not specified, a summary of the AP status is displayed.
show antenna-property Displays the antenna properties.
show ap-connectivity Displays the access point connections.
show ap-discovered Displays the list of discovered access points and stations.
show ap-limit Displays how many APs are licensed for this controller.
show ap-siblings Displays the AP Siblings table. APs operating in the same channel that can hear each other are AP-siblings. APs can hear beacons with RSSI as low as -80 to -85dbm, but RSSI values lower than this are not heard.
show ap-swap Displays the access point replacement table.
show ess-ap Displays the ESS-AP table for the access point.
show interfaces Dot11radio Displays the configuration of the wireless interface.
show interfaces Dot11Radio statistics Displays the statistics related to the wireless interface.
show regulatory-domain Displays the regulatory information for the country.
show statistics top10-ap-problem Displays a list of the top 10 problem access points.
show statistics top10-ap-talker Displays a list of the top 10 most active access points.
show topoap Displays the topology of all access points as seen by the coordinator.
show topoapap Displays the Received Signal Strength Indicator (RSSI) between all pairs of APs.

Automatic AP Upgrade

This entry was posted in Administration Guides, FortiWLC on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.