Fortinet black logo

FortiWiFi and FortiAP Configuration Guide

FortiAP shell command

Copy Link
Copy Doc ID 8391206d-966e-11eb-b70b-00505692583a:909000
Download PDF

FortiAP shell command

The FortiAP is often behind a NAT device and access to the FortiAP through SSH is not available. The FortiGate WiFi controller can send a FortiAP shell command (up to 127 bytes) to the FortiAP. The FortiAP runs this command and then returns the results to the controller using the Control and Provisioning of Wireless Access Points Protocol (CAPWAP) tunnel.

The maximum output from a FortiAP shell command is limited to 4 MB. The default output size is set to 32 KB.

The FortiAP reports the running results to the controller after the command is finished. If the controller sends a new command to the FortiAP before the previous command is finished, the previous command is canceled.

Enter the following command:

diag w-c wlac wtpcmd wtp_ip wtp_port cmd [cmd-to-ap] cmd: run,show,showhex,clr,r&h,r&sh

  • cmd-to-ap: any shell commands, but FortiAP does not report results until the command is finished on the FortiAP
  • run: controller sends the ap-cmd to the FortiAP to run
  • show: show current results reported by the FortiAP in text
  • showhex: show current results reported by the FortiAP in hexadecimal format.
  • clr: clear reported results
  • r&s: run and show
  • r&sh: run and show in hexadecimal format

FortiAP shell command

The FortiAP is often behind a NAT device and access to the FortiAP through SSH is not available. The FortiGate WiFi controller can send a FortiAP shell command (up to 127 bytes) to the FortiAP. The FortiAP runs this command and then returns the results to the controller using the Control and Provisioning of Wireless Access Points Protocol (CAPWAP) tunnel.

The maximum output from a FortiAP shell command is limited to 4 MB. The default output size is set to 32 KB.

The FortiAP reports the running results to the controller after the command is finished. If the controller sends a new command to the FortiAP before the previous command is finished, the previous command is canceled.

Enter the following command:

diag w-c wlac wtpcmd wtp_ip wtp_port cmd [cmd-to-ap] cmd: run,show,showhex,clr,r&h,r&sh

  • cmd-to-ap: any shell commands, but FortiAP does not report results until the command is finished on the FortiAP
  • run: controller sends the ap-cmd to the FortiAP to run
  • show: show current results reported by the FortiAP in text
  • showhex: show current results reported by the FortiAP in hexadecimal format.
  • clr: clear reported results
  • r&s: run and show
  • r&sh: run and show in hexadecimal format