Fortinet black logo

FortiWiFi and FortiAP Configuration Guide

Home FortiAP / FortiWiFi 7.2.0 FortiWiFi and FortiAP Configuration Guide

Monitoring application usage for clients connected to bridge mode SSIDs

7.2.0
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.1
7.2.0
7.0.4
7.0.2
7.0.1
7.0.0
6.4.6
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.2
6.2.0
6.0.5
6.0.4
6.0.3
5.6.4
5.4.3
Copy Link
Copy Doc ID 89ea0dba-bc2e-11ec-9fd1-fa163e15d75b:34671
Download PDF

Monitoring application usage for clients connected to bridge mode SSIDs

Note

FortiAPs must be running firmware version 7.2.0 and later. WiFi clients must be connected to a bridge mode SSID.

You can monitor the application usage data for clients that are connected on bridge mode IDs by using the CLI command "diagnose wireless-controller wlac -d sta online". FortiGate receives the wireless client application information from FortiAPs and analyzes the traffic information on each application.

The following CLI commands can be configured under config wireless-controller vap:

  • set application-detection enable | disable: Enable or disable the reporting of wireless client application information for the bridge mode SSID that it is configured for. Application reporting is disabled by default.
  • set application-report-intv <seconds>: Configure the time interval for the FortiAP to collect and report the application traffic information to the FortiGate. The default interval is 120 seconds.
To enable application-detection in VAP
config wireless-controller vap
  edit "vap-ndpi"
    set ssid "SSID_NDPI"
    set passphrase ENC 
    set local-bridging enable
    set schedule "always"
    set application-detection-engine enable
    set application-report-intv 60
  next
end
To check the application detection attribute from FortiAP
FortiAP-231F # vcfg
-------------------------------VAP Configuration    1----------------------------
Radio Id  1 WLAN Id  0 SSID_NDPI ADMIN_UP(INTF_UP) init_done 0.0.0.0/0.0.0.0 unknown (-1)
           vlanid=0, intf=wlan10, vap=0x3db5702c, bssid=e0:23:ff:d7:74:b0
           11ax high-efficiency=enabled target-wake-time=enabled
           bss-color-partial=enabled
           mesh backhaul=disabled
           local_auth=disabled standalone=disabled nat_mode=disabled
           local_bridging=enabled split_tunnel=disabled
           intra_ssid_priv=disabled
           mcast_enhance=disabled igmp_snooping=disabled
           mac_auth=disabled fail_through_mode=disabled sta_info=1/0
           mac=local, tunnel=8023, cap=8ce0, qos=disabled
           prob_resp_suppress=disabled
           rx sop=disabled
           sticky client remove=disabled
           mu mimo=enabled           ldpc_config=rxtx
           dhcp_option43_insertion=enabled           dhcp_option82_insertion=disabled
           dhcp_enforcement=disabled
           access_control_list=disabled
           bc_suppression=dhcp dhcp-ucast arp 
           auth=WPA2, PSK, AES WPA keyIdx=1, keyLen=16, keyStatus=1, gTsc=000000000000
           key=f4cf7fd6 32dbced5 6d9fb25c 8894ad9b
           pmf=disable
           okc=disabled, dynamic_vlan=disabled, extern_roaming=disabled
           voice_ent(802.11kv)=disabled, fast_bss_trans(802.11r)=disabled mbo=disabled
           port_macauth=disable
           airfairness weight: 20%
           schedules=SMTWTFS 00:00->00:00, 
           ratelimit(Kbps): ul=0 dl=0 ul_user=0 dl_user=0 burst=disabled
           primary wag: 
           secondary wag: 
           application detection engine: enabled, report-interval=60, configured
-------------------------------Total    1 VAP Configurations----------------------------
To check the application detection information from FortiAP
FortiAP-231F # cw_diag -d ndpi sta


Station 00:c0:ca:87:07:50 flow stats list:
-----------------------------------------------------------------------------
 AID  TX total   TX new     RX total   RX new     Application/Protocol Name
----- ---------- ---------- ---------- ---------- ---------------------------
    0      992 B        0 B   3.821 KB        0 B ukn
    7   2.056 KB        0 B   1.888 KB        0 B twitter
   12      342 B        0 B       62 B        0 B icloud
   28  68.553 KB   7.416 KB  11.400 KB   3.879 KB youtube
  139   6.281 KB        0 B   1.841 KB        0 B yahoo
  609   4.847 KB        0 B   1.734 KB        0 B new-relic
  632  20.167 KB        0 B   4.310 KB        0 B google-services
  664   6.080 KB        0 B  13.842 KB        0 B microsoft-services
  728  18.324 KB        0 B  12.785 KB        0 B amazon-services
  765   2.031 MB        0 B 345.697 KB        0 B service_amazon
  768  70.786 KB  70.497 KB   7.094 KB   7.031 KB service_google
  786   3.927 KB        0 B   1.992 KB        0 B service_microsoft
  866   5.842 KB        0 B   2.656 KB        0 B spotxchange
  889      359 B        0 B       63 B        0 B goodreads
 1032      480 B      480 B       58 B       58 B imdb
 1090  23.201 KB        0 B   7.608 KB        0 B adobeanalytics
 1141   7.160 KB        0 B   2.030 KB        0 B casale
 1218   5.226 KB        0 B   2.002 KB        0 B rubiconproject
 1397   5.411 KB   5.411 KB   1.938 KB   1.938 KB exelate
 1788  25.110 KB  25.110 KB   6.503 KB   6.503 KB bing
 1838  12.417 KB  12.417 KB   2.830 KB   2.830 KB delicious
 1861   6.106 KB   6.106 KB   2.008 KB   2.008 KB pubmatic
 1968      753 B        0 B      406 B        0 B http
 1974  11.720 KB  11.375 KB   1.826 KB   1.757 KB dns
 1979 475.727 KB        0 B  66.211 KB        0 B ssl
 2012      357 B        0 B        0 B        0 B dhcp
 2182   1.033 MB        0 B 152.760 KB        0 B quic
-----------------------------------------------------------------------------
To check the application detection information from FortiGate
FortiGate-201E # diag wire wlac -d sta online
   vf=0 wtp=3 rId=2 wlan=vap-ndpi vlan_id=0 ip=10.132.132.11 ip6=fe80::90bf:3f23:991:c8d4 mac=00:c0:ca:87:07:50 vci=MSFT 5.0 host=DESKTOP-CJ6F7M2 user= group= signal=-42 noise=-95 idle=0 bw=4158 use=6 chan=36 radio_type=11AC security=wpa2_only_personal mpsk= encrypt=aes cp_authed=no l3r=1,0 0.0.0.0:0 -- 0.0.0.0:0 0,0 online=yes mimo=2
                ip6=*fe80::90bf:3f23:991:c8d4,57, 
Id 0 App:ukn
Tx:992 Rx:2466 Age:9
Id 28 App:youtube
Tx:60614 Rx:7460 Age:9
Id 609 App:new-relic
Tx:4847 Rx:1734 Age:9
Id 632 App:google-services
Tx:8521 Rx:2404 Age:9
Id 765 App:service_amazon
Tx:4057 Rx:18035 Age:9
Id 1979 App:ssl
Tx:474313 Rx:64787 Age:9
Id 2182 App:quic
Tx:1028073 Rx:138326 Age:9
Id 1090 App:adobeanalytics
Tx:23201 Rx:7608 Age:9
Id 1141 App:casale
Tx:7160 Rx:2030 Age:9
Id 1218 App:rubiconproject
Tx:5226 Rx:2002 Age:9
Previous
Next

Monitoring application usage for clients connected to bridge mode SSIDs

Note

FortiAPs must be running firmware version 7.2.0 and later. WiFi clients must be connected to a bridge mode SSID.

You can monitor the application usage data for clients that are connected on bridge mode IDs by using the CLI command "diagnose wireless-controller wlac -d sta online". FortiGate receives the wireless client application information from FortiAPs and analyzes the traffic information on each application.

The following CLI commands can be configured under config wireless-controller vap:

  • set application-detection enable | disable: Enable or disable the reporting of wireless client application information for the bridge mode SSID that it is configured for. Application reporting is disabled by default.
  • set application-report-intv <seconds>: Configure the time interval for the FortiAP to collect and report the application traffic information to the FortiGate. The default interval is 120 seconds.
To enable application-detection in VAP
config wireless-controller vap
  edit "vap-ndpi"
    set ssid "SSID_NDPI"
    set passphrase ENC 
    set local-bridging enable
    set schedule "always"
    set application-detection-engine enable
    set application-report-intv 60
  next
end
To check the application detection attribute from FortiAP
FortiAP-231F # vcfg
-------------------------------VAP Configuration    1----------------------------
Radio Id  1 WLAN Id  0 SSID_NDPI ADMIN_UP(INTF_UP) init_done 0.0.0.0/0.0.0.0 unknown (-1)
           vlanid=0, intf=wlan10, vap=0x3db5702c, bssid=e0:23:ff:d7:74:b0
           11ax high-efficiency=enabled target-wake-time=enabled
           bss-color-partial=enabled
           mesh backhaul=disabled
           local_auth=disabled standalone=disabled nat_mode=disabled
           local_bridging=enabled split_tunnel=disabled
           intra_ssid_priv=disabled
           mcast_enhance=disabled igmp_snooping=disabled
           mac_auth=disabled fail_through_mode=disabled sta_info=1/0
           mac=local, tunnel=8023, cap=8ce0, qos=disabled
           prob_resp_suppress=disabled
           rx sop=disabled
           sticky client remove=disabled
           mu mimo=enabled           ldpc_config=rxtx
           dhcp_option43_insertion=enabled           dhcp_option82_insertion=disabled
           dhcp_enforcement=disabled
           access_control_list=disabled
           bc_suppression=dhcp dhcp-ucast arp 
           auth=WPA2, PSK, AES WPA keyIdx=1, keyLen=16, keyStatus=1, gTsc=000000000000
           key=f4cf7fd6 32dbced5 6d9fb25c 8894ad9b
           pmf=disable
           okc=disabled, dynamic_vlan=disabled, extern_roaming=disabled
           voice_ent(802.11kv)=disabled, fast_bss_trans(802.11r)=disabled mbo=disabled
           port_macauth=disable
           airfairness weight: 20%
           schedules=SMTWTFS 00:00->00:00, 
           ratelimit(Kbps): ul=0 dl=0 ul_user=0 dl_user=0 burst=disabled
           primary wag: 
           secondary wag: 
           application detection engine: enabled, report-interval=60, configured
-------------------------------Total    1 VAP Configurations----------------------------
To check the application detection information from FortiAP
FortiAP-231F # cw_diag -d ndpi sta


Station 00:c0:ca:87:07:50 flow stats list:
-----------------------------------------------------------------------------
 AID  TX total   TX new     RX total   RX new     Application/Protocol Name
----- ---------- ---------- ---------- ---------- ---------------------------
    0      992 B        0 B   3.821 KB        0 B ukn
    7   2.056 KB        0 B   1.888 KB        0 B twitter
   12      342 B        0 B       62 B        0 B icloud
   28  68.553 KB   7.416 KB  11.400 KB   3.879 KB youtube
  139   6.281 KB        0 B   1.841 KB        0 B yahoo
  609   4.847 KB        0 B   1.734 KB        0 B new-relic
  632  20.167 KB        0 B   4.310 KB        0 B google-services
  664   6.080 KB        0 B  13.842 KB        0 B microsoft-services
  728  18.324 KB        0 B  12.785 KB        0 B amazon-services
  765   2.031 MB        0 B 345.697 KB        0 B service_amazon
  768  70.786 KB  70.497 KB   7.094 KB   7.031 KB service_google
  786   3.927 KB        0 B   1.992 KB        0 B service_microsoft
  866   5.842 KB        0 B   2.656 KB        0 B spotxchange
  889      359 B        0 B       63 B        0 B goodreads
 1032      480 B      480 B       58 B       58 B imdb
 1090  23.201 KB        0 B   7.608 KB        0 B adobeanalytics
 1141   7.160 KB        0 B   2.030 KB        0 B casale
 1218   5.226 KB        0 B   2.002 KB        0 B rubiconproject
 1397   5.411 KB   5.411 KB   1.938 KB   1.938 KB exelate
 1788  25.110 KB  25.110 KB   6.503 KB   6.503 KB bing
 1838  12.417 KB  12.417 KB   2.830 KB   2.830 KB delicious
 1861   6.106 KB   6.106 KB   2.008 KB   2.008 KB pubmatic
 1968      753 B        0 B      406 B        0 B http
 1974  11.720 KB  11.375 KB   1.826 KB   1.757 KB dns
 1979 475.727 KB        0 B  66.211 KB        0 B ssl
 2012      357 B        0 B        0 B        0 B dhcp
 2182   1.033 MB        0 B 152.760 KB        0 B quic
-----------------------------------------------------------------------------
To check the application detection information from FortiGate
FortiGate-201E # diag wire wlac -d sta online
   vf=0 wtp=3 rId=2 wlan=vap-ndpi vlan_id=0 ip=10.132.132.11 ip6=fe80::90bf:3f23:991:c8d4 mac=00:c0:ca:87:07:50 vci=MSFT 5.0 host=DESKTOP-CJ6F7M2 user= group= signal=-42 noise=-95 idle=0 bw=4158 use=6 chan=36 radio_type=11AC security=wpa2_only_personal mpsk= encrypt=aes cp_authed=no l3r=1,0 0.0.0.0:0 -- 0.0.0.0:0 0,0 online=yes mimo=2
                ip6=*fe80::90bf:3f23:991:c8d4,57, 
Id 0 App:ukn
Tx:992 Rx:2466 Age:9
Id 28 App:youtube
Tx:60614 Rx:7460 Age:9
Id 609 App:new-relic
Tx:4847 Rx:1734 Age:9
Id 632 App:google-services
Tx:8521 Rx:2404 Age:9
Id 765 App:service_amazon
Tx:4057 Rx:18035 Age:9
Id 1979 App:ssl
Tx:474313 Rx:64787 Age:9
Id 2182 App:quic
Tx:1028073 Rx:138326 Age:9
Id 1090 App:adobeanalytics
Tx:23201 Rx:7608 Age:9
Id 1141 App:casale
Tx:7160 Rx:2030 Age:9
Id 1218 App:rubiconproject
Tx:5226 Rx:2002 Age:9
Previous
Next