FortiAP-S and FortiAP-U bridge mode security profiles
If a bridge mode SSID is configured for a managed FortiAP-S or FortiAP-U, you can add security profiles to the wireless controller configuration that allows you to apply the following security profile features to the traffic over the bridge SSID:
- AntiVirus
- Scan Botnets
- Intrusion Prevention
- Application Control
- Web Filter
Configure security profiles - CLI
You can configure security profiles on managed FortiAP-S and FortiAP-U under config wireless-controller vap
, after local-bridging
and utm-status
are set to enable
.
To view all available profiles that you can assign, type "?
". For example, "set ips-sensor ?
".
config wireless-controller vap
edit "utm_ssid1"
set ssid "utm_ssid1"
set local-bridging enable
set utm-status enable
set ips-sensor "wifi-default"
set application-list "wifi-default"
set antivirus-profile "wifi-default"
set webfilter-profile "wifi-default"
set scan-botnet-connections monitor
next
end
Debug configurations
To debug wireless-controller
configurations related to security profiles, use the following diagnose command:
diagnose wireless-controller wlac_hlp