Fortinet black logo

FortiWiFi and FortiAP Cookbook

Home FortiAP / FortiWiFi 6.4.0 FortiWiFi and FortiAP Cookbook

Enabling rogue AP scan

6.4.0
6.4.0
6.2.0
Copy Link
Copy Doc ID daf31b55-67cc-11ea-9384-00505692583a:972519
Download PDF

Enabling rogue AP scan

The guide provides simple configuration instructions for enabling ap-scan on FortiAP. The steps include creating a WIDS profile and selecting the WIDS profile on the managed FortiAP.

To enable rogue AP scan on the FortiWiFi and FortiAP GUI:
  1. Create a WIDS profile:
    1. In FortiWiFi and FortiAP, go to WiFi & Switch Controller > WIDS Profiles. Click Create New.
    2. Enable Enable Rogue AP Detection.
    3. Complete the configuration, then click OK.
  2. Select the WIDS profile for the managed FortiAP:
    1. Go to WiFi & Switch Controller > FortiAP Profiles.
    2. Select the FortiAP profile applied to the managed FortiAP, then click Edit.
    3. Enable WIDS Profile. Select the profile created in step 1. Click OK.
To enable rogue AP scan using the FortiWiFi and FortiAP CLI:
  1. Create a WIDS profile:

    config wireless-controller wids-profile

    edit "example-wids-profile"

    set ap-scan enable

    next

    end

  2. Select the WIDS profile for the managed FortiAP:

    config wireless-controller wtp-profile

    edit "example-FAP-profile"

    config platform

    set type <FAP-model-number>

    end

    set handoff-sta-thresh 55

    set ap-country US

    config radio-1

    set band 802.11n

    set wids-profile "example-wids-profile"

    set vap-all disable

    end

    config radio-2

    set band 802.11ac

    set vap-all disable

    end

    next

    end

Previous
Next

Enabling rogue AP scan

The guide provides simple configuration instructions for enabling ap-scan on FortiAP. The steps include creating a WIDS profile and selecting the WIDS profile on the managed FortiAP.

To enable rogue AP scan on the FortiWiFi and FortiAP GUI:
  1. Create a WIDS profile:
    1. In FortiWiFi and FortiAP, go to WiFi & Switch Controller > WIDS Profiles. Click Create New.
    2. Enable Enable Rogue AP Detection.
    3. Complete the configuration, then click OK.
  2. Select the WIDS profile for the managed FortiAP:
    1. Go to WiFi & Switch Controller > FortiAP Profiles.
    2. Select the FortiAP profile applied to the managed FortiAP, then click Edit.
    3. Enable WIDS Profile. Select the profile created in step 1. Click OK.
To enable rogue AP scan using the FortiWiFi and FortiAP CLI:
  1. Create a WIDS profile:

    config wireless-controller wids-profile

    edit "example-wids-profile"

    set ap-scan enable

    next

    end

  2. Select the WIDS profile for the managed FortiAP:

    config wireless-controller wtp-profile

    edit "example-FAP-profile"

    config platform

    set type <FAP-model-number>

    end

    set handoff-sta-thresh 55

    set ap-country US

    config radio-1

    set band 802.11n

    set wids-profile "example-wids-profile"

    set vap-all disable

    end

    config radio-2

    set band 802.11ac

    set vap-all disable

    end

    next

    end

Previous
Next