Fortinet Document Library

Version:


Table of Contents

6.2.0
Download PDF
Copy Link

Enabling rogue AP scan

The guide provides simple configuration instructions for enabling ap-scan on FortiAP. The steps include creating a WIDS profile and selecting the WIDS profile on the managed FortiAP.

To enable rogue AP scan on the FortiWiFi and FortiAP GUI:
  1. Create a WIDS profile:
    1. In FortiWiFi and FortiAP, go to WiFi & Switch Controller > WIDS Profiles. Click Create New.
    2. Enable Enable Rogue AP Detection.
    3. Complete the configuration, then click OK.
  2. Select the WIDS profile for the managed FortiAP:
    1. Go to WiFi & Switch Controller > FortiAP Profiles.
    2. Select the FortiAP profile applied to the managed FortiAP, then click Edit.
    3. Enable WIDS Profile. Select the profile created in step 1. Click OK.
To enable rogue AP scan using the FortiWiFi and FortiAP CLI:
  1. Create a WIDS profile:

    config wireless-controller wids-profile

    edit "example-wids-profile"

    set ap-scan enable

    next

    end

  2. Select the WIDS profile for the managed FortiAP:

    config wireless-controller wtp-profile

    edit "example-FAP-profile"

    config platform

    set type <FAP-model-number>

    end

    set handoff-sta-thresh 55

    set ap-country US

    config radio-1

    set band 802.11n

    set wids-profile "example-wids-profile"

    set vap-all disable

    end

    config radio-2

    set band 802.11ac

    set vap-all disable

    end

    next

    end

Enabling rogue AP scan

The guide provides simple configuration instructions for enabling ap-scan on FortiAP. The steps include creating a WIDS profile and selecting the WIDS profile on the managed FortiAP.

To enable rogue AP scan on the FortiWiFi and FortiAP GUI:
  1. Create a WIDS profile:
    1. In FortiWiFi and FortiAP, go to WiFi & Switch Controller > WIDS Profiles. Click Create New.
    2. Enable Enable Rogue AP Detection.
    3. Complete the configuration, then click OK.
  2. Select the WIDS profile for the managed FortiAP:
    1. Go to WiFi & Switch Controller > FortiAP Profiles.
    2. Select the FortiAP profile applied to the managed FortiAP, then click Edit.
    3. Enable WIDS Profile. Select the profile created in step 1. Click OK.
To enable rogue AP scan using the FortiWiFi and FortiAP CLI:
  1. Create a WIDS profile:

    config wireless-controller wids-profile

    edit "example-wids-profile"

    set ap-scan enable

    next

    end

  2. Select the WIDS profile for the managed FortiAP:

    config wireless-controller wtp-profile

    edit "example-FAP-profile"

    config platform

    set type <FAP-model-number>

    end

    set handoff-sta-thresh 55

    set ap-country US

    config radio-1

    set band 802.11n

    set wids-profile "example-wids-profile"

    set vap-all disable

    end

    config radio-2

    set band 802.11ac

    set vap-all disable

    end

    next

    end