By default, 802.11d is always enabled on FortiAPs. When 802.11d is enabled, FortiAPs broadcast the country code in beacons, probe responses, and probe requests. This can lead to some older legacy clients failing to associate to the FortiAP. You can disable 802.11d to prevent broadcasting country code settings and provide backwards compatibility with those clients
Since IEEE 802.11d only applies to 2.4 GHz radios operating in the 802.11g band, disabling 802.11d only applies to radios configured to operate in the 802.11g band.
To disable 802.11d
config wireless-controller wtp-profile edit FAP231F-default config radio-1 set 80211d disable end end
To verify the configuration from FortiGate:
From the FortiGate:
diagnose wireless-controller wlac -c wtp FP231FTF20007509 | grep 80211d 80211d enable : disabled
When the previous FortiGate setting are applied to a Managed FortiAP, the settings can be verified on the FortiAP CLI through the
FortiAP-231F # rcfg | grep 802 802.11d enable : disabled FortiAP-231F # Check iwpriv FortiAP-231F # iwpriv wlan00 get_countryie wlan00 get_countryie:0 (0x0) FortiAP-231F #
Sniff the packets in the air before and after disabling the feature:
Before enabling the feature, use a packet analyzer to check the sample beacon packet for the Country Information Tag in Tagged parameters.
After disabling the 802.11d on a 2.4Ghz radio, use a packet analyzer to check the beacon and verify that the Country Information Tag is no longer under in Tagged Parameters.