Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

FortiWiFi and FortiAP Configuration Guide

Disabling 802.11d for client backward compatibility

By default, 802.11d is always enabled on FortiAPs. When 802.11d is enabled, FortiAPs broadcast the country code in beacons, probe responses, and probe requests. This can lead to some older legacy clients failing to associate to the FortiAP. You can disable 802.11d to prevent broadcasting country code settings and provide backwards compatibility with those clients

Note

Since IEEE 802.11d only applies to 2.4 GHz radios operating in the 802.11g band, disabling 802.11d only applies to radios configured to operate in the 802.11g band.

To disable 802.11d
config wireless-controller wtp-profile
  edit FAP231F-default
    config radio-1
    set 80211d disable
  end
end
To verify the configuration from FortiGate:
  1. From the FortiGate:

     diagnose wireless-controller wlac -c wtp FP231FTF20007509 | grep 80211d
        80211d enable : disabled
  2. When the previous FortiGate setting are applied to a Managed FortiAP, the settings can be verified on the FortiAP CLI through the rcfg and iwpriv commands:

    FortiAP-231F # rcfg | grep 802
       802.11d enable : disabled
    FortiAP-231F #
    
    Check iwpriv
    
    FortiAP-231F # iwpriv wlan00 get_countryie
    wlan00 get_countryie:0 (0x0)
    FortiAP-231F #
  3. Sniff the packets in the air before and after disabling the feature:

    1. Before enabling the feature, use a packet analyzer to check the sample beacon packet for the Country Information Tag in Tagged parameters.

    2. After disabling the 802.11d on a 2.4Ghz radio, use a packet analyzer to check the beacon and verify that the Country Information Tag is no longer under in Tagged Parameters.

Disabling 802.11d for client backward compatibility

By default, 802.11d is always enabled on FortiAPs. When 802.11d is enabled, FortiAPs broadcast the country code in beacons, probe responses, and probe requests. This can lead to some older legacy clients failing to associate to the FortiAP. You can disable 802.11d to prevent broadcasting country code settings and provide backwards compatibility with those clients

Note

Since IEEE 802.11d only applies to 2.4 GHz radios operating in the 802.11g band, disabling 802.11d only applies to radios configured to operate in the 802.11g band.

To disable 802.11d
config wireless-controller wtp-profile
  edit FAP231F-default
    config radio-1
    set 80211d disable
  end
end
To verify the configuration from FortiGate:
  1. From the FortiGate:

     diagnose wireless-controller wlac -c wtp FP231FTF20007509 | grep 80211d
        80211d enable : disabled
  2. When the previous FortiGate setting are applied to a Managed FortiAP, the settings can be verified on the FortiAP CLI through the rcfg and iwpriv commands:

    FortiAP-231F # rcfg | grep 802
       802.11d enable : disabled
    FortiAP-231F #
    
    Check iwpriv
    
    FortiAP-231F # iwpriv wlan00 get_countryie
    wlan00 get_countryie:0 (0x0)
    FortiAP-231F #
  3. Sniff the packets in the air before and after disabling the feature:

    1. Before enabling the feature, use a packet analyzer to check the sample beacon packet for the Country Information Tag in Tagged parameters.

    2. After disabling the 802.11d on a 2.4Ghz radio, use a packet analyzer to check the beacon and verify that the Country Information Tag is no longer under in Tagged Parameters.