New features or enhancements
The following table includes FortiAP version 7.4.0 new features and enhancements:
Bug ID |
Description |
---|---|
268728 |
Federal Information Processing Standards (FIPS) certification. To enable FIPS mode, run the following commands on the FortiAP CLI: cfg -a FIPS_CC=1 cfg -c To disable FIPS mode, factory reset the FortiAP. Note: FAP-431F and FAP-433F cannot support FIPS mode. |
867684 |
Support WPA3-SAE security over the mesh backhaul. On the FortiGate CLI (FortiOS 7.4.0), add one mesh-backhaul vap with security wpa3-sae, and assign it to the mesh-root FortiAP. Note: The "Hash-to-Element (H2E) only" option is mandatory for the mesh backhaul. On the mesh-leaf FortiAP CLI, input the following mesh settings: cfg -a MESH_AP_TYPE=1 cfg -a MESH_AP_SSID=meshssidname cfg -a MESH_AP_SECURITY=2 cfg -a MESH_AP_PASSWD=meshssidpassword cfg -c |
868839 |
The wtp-profile of FAP-432F and 433F models can set external antenna parameters when the corresponding external antenna is installed. On the FortiGate CLI, input the following commands: config wireless-controller wtp-profile edit "FAP433F" config radio-1 set optional-antenna none | FANT-04ABGN-0606-O-R | FANT-04ABGN-0606-P-R end end |
887980 |
Support a new data-channel security option " The FortiAP serial number is added to the initial IPsec setup message so that it can be used by a dispatcher to query the destination FortiGate. Then the FortiAP will connect to the FortiGate and encrypt the data channel with an IPsec-VPN tunnel. |
902191 |
Wireless bonjour-profile feature supports a new service option for Miracast. |
973755 |
Support new model FAP-234G (build 5578). Note: FortiGate running FortiOS 7.4.0 and later can manage FAP-234G. |
Region/country code update and DFS certification
Bug ID |
Description |
---|---|
825182, 886015 |
Enable "Wi-Fi 6E" 6GHz Channels for supported regions and countries. |
876673 |
Enable 5GHz UNII-3 channels in certain European countries. |
Changes in CLI
Bug ID |
Description |
---|---|
903756 |
A new cfg variable cfg -a MESH_AP_SECURITY=0 | 1 | 2 Input 0 for "Open", 1 for "WPA/WPA2-Personal", or 2 for "WPA3-SAE". The default value is 0. |