Enabling rogue AP scan
The guide provides simple configuration instructions for enabling ap-scan on FortiAP. The steps include creating a WIDS profile and selecting the WIDS profile on the managed FortiAP.
To enable rogue AP scan on the FortiWiFi and FortiAP GUI:
- Create a WIDS profile:
- In FortiWiFi and FortiAP, go to WiFi & Switch Controller > WIDS Profiles. Click Create New.
- Enable Enable Rogue AP Detection.
- Complete the configuration, then click OK.
- Select the WIDS profile for the managed FortiAP:
- Go to WiFi & Switch Controller > FortiAP Profiles.
- Select the FortiAP profile applied to the managed FortiAP, then click Edit.
- Enable WIDS Profile. Select the profile created in step 1. Click OK.
To enable rogue AP scan using the FortiWiFi and FortiAP CLI:
- Create a WIDS profile:
config wireless-controller wids-profile
edit "example-wids-profile"
set ap-scan enable
next
end
- Select the WIDS profile for the managed FortiAP:
config wireless-controller wtp-profile
edit "example-FAP-profile"
config platform
set type <FAP-model-number>
end
set handoff-sta-thresh 55
set ap-country US
config radio-1
set band 802.11n
set wids-profile "example-wids-profile"
set vap-all disable
end
config radio-2
set band 802.11ac
set vap-all disable
end
next
end