DOCUMENT LIBRARY

FortiWiFi and FortiAP Configuration Guide

What's new in this release
Introduction
Getting started with FortiAP management
- Configuring the FortiGate interface to manage FortiAP units
- Discovering, authorizing, and deauthorizing FortiAP units
- FortiAP diagnostics and tools
- Setting up a mesh connection between FortiAP units
- Data channel security: clear-text, DTLS, and IPsec VPN
Wireless network configuration
- Wireless network configuration tasks
- Setting your geographic location
- Configuring the network interface for the AP unit
- Creating a FortiAP profile
- Defining a wireless network interface (SSID)
  - Changing SSID to VDOM only
  - Airtime fairness
- Configuring security
  - Captive Portal Security
  - WPA2 Security
    - Configuring WPA2-Personal security
    - Configuring WPA2-Enterprise SSID
  - WPA3 Security
    - Generating SAE-PK private key and password
  - Adding a MAC filter
  - Limiting the number of clients
  - Enabling multicast enhancement
  - Replacing WiFi certificate
  - Configuring WiFi with WSSO using Windows NPS and user groups
- Defining SSID groups
- Configuring dynamic user VLAN assignment
  - VLAN assignment by RADIUS
  - VLAN assignment by Name Tag
  - VLAN assignment by FortiAP group
  - VLAN assignment by VLAN pool
- Configuring wireless NAC support
- Configuring user authentication
  - Custom RADIUS NAS-ID
- Configuring firewall policies for the SSID
- Configuring the built-in access point on a FortiWiFi unit
- Enforcing UTM policies on a local bridge SSID
- Configuring a Syslog profile
- Understanding Distributed Radio Resource Provisioning
  - Configuring Distributed Radio Resource Provisioning
- Translating WiFi QoS WMM marking to DSCP values
- Configuring Layer 3 roaming
  - Configuring L3 Roaming for Tunnel Mode SSIDs
  - Configuring L3 Roaming for Bridge Mode SSIDs
- Advanced Wireless Features
  - Operations Profiles Entry
  - Connectivity Profiles Entry
  - Protection Profiles Entry
  - Advanced SSID options
  - Advanced WiFi Settings options
- Configuring UNII-4 5GHz radio bands
- Configuring Agile Multiband Operation
Access point configuration
- Network topology of managed APs
- Discovery and authorization of APs
- Register a FortiAP to FortiCloud
- FortiAP CLI access
- FortiAP Configuration mode
- FortiAP unit firmware upgrade
- Advanced WiFi controller discovery
  - Configure automatic AP reboot
- Wireless client load balancing for high-density deployments
- FortiAP groups
- LAN port options
  - MAC Authentication for LAN port hosts
- LAN port aggregation and redundancy
  - LAN port uplink redundancy without LACP
- CAPWAP
- LED options
- Configure FortiAP MIMO values
- Configure Fortinet external antenna parameters for specific FortiAPs
- Configure third-party antennas in select FortiAP models
Wireless mesh configuration
- Configuring a meshed WiFi network
- Configuring a point-to-point bridge
Hotspot 2.0 configuration
WiFi network with wired LAN configuration
- How to configure a FortiAP local bridge (private cloud-managed AP)
- How to increase the number of supported FortiAPs
- How to implement multi-processing for large-scale FortiAP management
Remote WLAN FortiAPs
Features for high-density deployments
Wireless network protection
- Wireless Intrusion Detection System
- WiFi data channel encryption
- Protected Management Frames and Opportunistic Key Caching support
- Preventing local bridge traffic from reaching the LAN
- FortiAP-S and FortiAP-U bridge mode security profiles
- DHCP snooping and option-82 data insertion
- DHCP address enforcement
- Disabling console port access
- Configuring 802.1X supplicant on LAN
- Suppressing phishing SSID
Wireless network monitoring
- Monitoring wireless health and clients
- Monitoring rogue APs
- Suppressing rogue APs
- Monitoring wireless clients
- Monitoring wireless clients over IPv6 traffic
- Monitoring application usage for clients connected to bridge mode SSIDs
- Monitoring FortiAP with SNMP
- Monitoring FortiAP temperatures
- Enabling spectrum analysis
- Disable dedicated scanning on FortiAP F-Series profiles
- Enabling AP scan channel lists to optimize foreground scanning
Wireless network examples
- Basic wireless network example
- Wireless network example with FortiSwitch
- Complex wireless network example
- FortiGate WiFi controller 1+1 fast failover example
- CAPWAP hitless failover using FGCP
FortiWiFi unit as a wireless client
- Configuring a FortiWiFi unit as a wireless client
- Enabling EAP/TLS authentication on a FortiWiFi unit in client mode
- Configuring WPA3 security modes on FortiWiFi units operating in client mode
WiFi maps
Bluetooth Low Energy scan
- Pole Star NAO Cloud service integration
- Eddystone BLE beacon profile integration
Support for location-based services
- Configuring location tracking
- Viewing device location data on a FortiGate unit
- Configuring FortiPresence
Support for Electronic Shelf Label systems
Troubleshooting
- FortiAP shell command
- Signal strength issues
- Throughput issues
- Client connection issues
- FortiAP connection issues
- Testing wireless network health with SAM
- Determining the coverage area of a FortiAP
- Best practices for OSI common sources of wireless issues
- Extended logging
- Packet sniffer
- Debug commands
- Disabling 802.11d for client backward compatibility
FortiAP CLI configuration and diagnostics commands
FortiAP API
Change log

Home FortiAP / FortiWiFi 7.4.2 FortiWiFi and FortiAP Configuration Guide

7.4.2

Monitoring application usage for clients connected to bridge mode SSIDs

FortiAPs must be running firmware version 7.2.0 and later. WiFi clients must be connected to a bridge mode SSID.

You can monitor the application usage data for clients that are connected on bridge mode IDs by using the CLI command "diagnose wireless-controller wlac -d sta <mac-address of wireless station>". FortiGate receives the wireless client application information from FortiAPs and analyzes the traffic information on each application.

The following CLI commands can be configured under config wireless-controller vap:

set application-detection enable | disable: Enable or disable the reporting of wireless client application information for the bridge mode SSID that it is configured for. Application reporting is disabled by default.
set application-report-intv <seconds>: Configure the time interval for the FortiAP to collect and report the application traffic information to the FortiGate. The default interval is 120 seconds.

To enable application-detection in VAP:

config wireless-controller vap
  edit "vap-ndpi"
    set ssid "SSID_NDPI"
    set passphrase ENC 
    set local-bridging enable
    set schedule "always"
    set application-detection-engine enable
    set application-report-intv 60
  next
end

To check the application detection attribute from FortiAP:

FortiAP-231F # vcfg
-------------------------------VAP Configuration    1----------------------------
Radio Id  1 WLAN Id  0 SSID_NDPI ADMIN_UP(INTF_UP) init_done 0.0.0.0/0.0.0.0 unknown (-1)
           vlanid=0, intf=wlan10, vap=0x3db5702c, bssid=e0:23:ff:d7:74:b0
           11ax high-efficiency=enabled target-wake-time=enabled
           bss-color-partial=enabled
           mesh backhaul=disabled
           local_auth=disabled standalone=disabled nat_mode=disabled
           local_bridging=enabled split_tunnel=disabled
           intra_ssid_priv=disabled
           mcast_enhance=disabled igmp_snooping=disabled
           mac_auth=disabled fail_through_mode=disabled sta_info=1/0
           mac=local, tunnel=8023, cap=8ce0, qos=disabled
           prob_resp_suppress=disabled
           rx sop=disabled
           sticky client remove=disabled
           mu mimo=enabled           ldpc_config=rxtx
           dhcp_option43_insertion=enabled           dhcp_option82_insertion=disabled
           dhcp_enforcement=disabled
           access_control_list=disabled
           bc_suppression=dhcp dhcp-ucast arp 
           auth=WPA2, PSK, AES WPA keyIdx=1, keyLen=16, keyStatus=1, gTsc=000000000000
           key=f4cf7fd6 32dbced5 6d9fb25c 8894ad9b
           pmf=disable
           okc=disabled, dynamic_vlan=disabled, extern_roaming=disabled
           voice_ent(802.11kv)=disabled, fast_bss_trans(802.11r)=disabled mbo=disabled
           port_macauth=disable
           airfairness weight: 20%
           schedules=SMTWTFS 00:00->00:00, 
           ratelimit(Kbps): ul=0 dl=0 ul_user=0 dl_user=0 burst=disabled
           primary wag: 
           secondary wag: 
           application detection engine: enabled, report-interval=60, configured
-------------------------------Total    1 VAP Configurations----------------------------

To check the application detection information from FortiAP:

FortiAP-231F # cw_diag -d ndpi sta


Station 00:c0:ca:87:07:50 flow stats list:
-----------------------------------------------------------------------------
 AID  TX total   TX new     RX total   RX new     Application/Protocol Name
----- ---------- ---------- ---------- ---------- ---------------------------
    0      992 B        0 B   3.821 KB        0 B ukn
    7   2.056 KB        0 B   1.888 KB        0 B twitter
   12      342 B        0 B       62 B        0 B icloud
   28  68.553 KB   7.416 KB  11.400 KB   3.879 KB youtube
  139   6.281 KB        0 B   1.841 KB        0 B yahoo
  609   4.847 KB        0 B   1.734 KB        0 B new-relic
  632  20.167 KB        0 B   4.310 KB        0 B google-services
  664   6.080 KB        0 B  13.842 KB        0 B microsoft-services
  728  18.324 KB        0 B  12.785 KB        0 B amazon-services
  765   2.031 MB        0 B 345.697 KB        0 B service_amazon
  768  70.786 KB  70.497 KB   7.094 KB   7.031 KB service_google
  786   3.927 KB        0 B   1.992 KB        0 B service_microsoft
  866   5.842 KB        0 B   2.656 KB        0 B spotxchange
  889      359 B        0 B       63 B        0 B goodreads
 1032      480 B      480 B       58 B       58 B imdb
 1090  23.201 KB        0 B   7.608 KB        0 B adobeanalytics
 1141   7.160 KB        0 B   2.030 KB        0 B casale
 1218   5.226 KB        0 B   2.002 KB        0 B rubiconproject
 1397   5.411 KB   5.411 KB   1.938 KB   1.938 KB exelate
 1788  25.110 KB  25.110 KB   6.503 KB   6.503 KB bing
 1838  12.417 KB  12.417 KB   2.830 KB   2.830 KB delicious
 1861   6.106 KB   6.106 KB   2.008 KB   2.008 KB pubmatic
 1968      753 B        0 B      406 B        0 B http
 1974  11.720 KB  11.375 KB   1.826 KB   1.757 KB dns
 1979 475.727 KB        0 B  66.211 KB        0 B ssl
 2012      357 B        0 B        0 B        0 B dhcp
 2182   1.033 MB        0 B 152.760 KB        0 B quic
-----------------------------------------------------------------------------

To check the application detection information from FortiGate:

# diagnose wireless-controller wlac -d sta <mac-address of wireless station>
STA:
    vf : 0
    wtp id : AP-2
    wtp index : 786
    rId : 2
    wlan : !1qcadpi
    vlan_id : 0
    ssid : !!1qcadpi-kv
    essid : !!1qcadpi-kv
    bssid : 74:78:a6:98:47:f8
    assoc time : 2024-03-13 12:01:51
    ip : 192.168.250.23
    ip6 : fe80::c01:3236:b69f:b18b
    mac : 16:8c:c6:3a:3e:32
    vci :
    host :
    user :
    group :
    signal : -26
    noise : -77
    atf val : 0‰
    maxrate : 1201 Mbps
    rxrate : 216 Mbps
    rxrate_mcs : 4
    rxrate_score : 18%
    txrate : 258 Mbps
    txrate_mcs : 10
    txrate_score : 21%
    idle : 1
    bw : 209
    use : 5
    chan : 149
    radio_type : 11AX_5G
    security : WPA2_PERSONAL
    mpsk :
    encrypt : aes
    cp_authed : no
    online : yes
    mimo : 2
    handoff time : 0
  STA extension data :
    rx_bytes : 5057186
    rx_data : 26952
    rx_rate : 216 Mbps
    rx_throughput : 47.03 Kbps
    rx_dup : 0
    rx_noprivacy : 0
    rx_wepfail : 0
    rx_demicfail : 0
    rx_tkipmic : 0
    rx_ccmpmic : 0
    rx_wpimic : 0
    rx_tkipicv : 0
    rx_decap : 0
    rx_defrag : 0
    rx_decryptcrc : 0
    rx_unauth : 0
    rx_unencrypted : 0
    rx_err : 0
    tx_bytes : 119997874
    tx_frames : 94270
    tx_rate : 258 Mbps
    tx_throughput : 162.43 Kbps
    tx_discard : 0
    current tx_discard_percentage: 0%
    tx_target_discard : 0
    tx_host_discard : 0
    tx_retries : 22957
    current tx_retry_percentage: 24%
    sounding_count : 0
    explicit_compbf : off
    explicit_noncompbf : off
    implicit_bf : off
    SU Beamformer support : off
    SU Beamformee support : on
    MU Beamformer support : off
    MU Beamformee support : off
    Capabilities : WMM
    RSSI : 51 dB

    rx_ucast_bytes : 5006071
    rx_mcast_bytes : 51115
    rx_ucast_pkts : 26584
    rx_mcast_pkts : 368
    rx_decrypt_succeeds : 0
    rx_ratemcs : 0x4
    rx_pkts_retried : 8056
    rx_mic_err : 0
    rx_qos_pkts[0] : 25194
    rx_qos_bytes[0] : 0
    rx_qos_pkts[1] : 1514
    rx_qos_bytes[1] : 0
    rx_qos_pkts[2] : 35
    rx_qos_bytes[2] : 0
    rx_qos_pkts[3] : 1158
    rx_qos_bytes[3] : 0
    rx_ampdu_mpdu : 0
    tx_ucast_bytes : 119997874
    tx_mcast_bytes : 0
    tx_ucast_pkts : 94270
    tx_mcast_pkts : 0
    tx_ratemcs : 0xa
    tx_pkts_retried : 22957
    tx_qos_pkts[0] : 63962
    tx_qos_bytes[0] : 0
    tx_qos_pkts[1] : 19
    tx_qos_bytes[1] : 0
    tx_qos_pkts[2] : 17846
    tx_qos_bytes[2] : 0
    tx_qos_pkts[3] : 12574
    tx_qos_bytes[3] : 0
  STA Recent Top Applications : 2024-03-13 13:58:16 (7 seconds ago)
    1. Application ID : 28 - "youtube"
        Tx Bytes : 1401807
        Rx Bytes : 42790
    2. Application ID : 12 - "icloud"
        Tx Bytes : 138353
        Rx Bytes : 66468
    3. Application ID : 139 - "yahoo"
        Tx Bytes : 38742
        Rx Bytes : 19002
    4. Application ID : 1979 - "ssl"
        Tx Bytes : 20190
        Rx Bytes : 8004
    5. Application ID : 128 - "edk"
        Tx Bytes : 1228
        Rx Bytes : 6890
    6. Application ID : 1974 - "dns"
        Tx Bytes : 2281
        Rx Bytes : 1178
    7. Application ID : 20 - "amazon-cloud"
        Tx Bytes : 1957
        Rx Bytes : 878
    8. Application ID : 768 - "service_google"
        Tx Bytes : 941
        Rx Bytes : 602
    9. Application ID : 1805 - "imrworldwide"
        Tx Bytes : 630
        Rx Bytes : 216
    10. Application ID : 1218 - "rubiconproject"
        Tx Bytes : 510
        Rx Bytes : 219

Monitoring application usage for clients connected to bridge mode SSIDs

FortiAPs must be running firmware version 7.2.0 and later. WiFi clients must be connected to a bridge mode SSID.

The following CLI commands can be configured under config wireless-controller vap:

set application-detection enable | disable: Enable or disable the reporting of wireless client application information for the bridge mode SSID that it is configured for. Application reporting is disabled by default.
set application-report-intv <seconds>: Configure the time interval for the FortiAP to collect and report the application traffic information to the FortiGate. The default interval is 120 seconds.

To enable application-detection in VAP:

config wireless-controller vap
  edit "vap-ndpi"
    set ssid "SSID_NDPI"
    set passphrase ENC 
    set local-bridging enable
    set schedule "always"
    set application-detection-engine enable
    set application-report-intv 60
  next
end

To check the application detection attribute from FortiAP:

FortiAP-231F # vcfg
-------------------------------VAP Configuration    1----------------------------
Radio Id  1 WLAN Id  0 SSID_NDPI ADMIN_UP(INTF_UP) init_done 0.0.0.0/0.0.0.0 unknown (-1)
           vlanid=0, intf=wlan10, vap=0x3db5702c, bssid=e0:23:ff:d7:74:b0
           11ax high-efficiency=enabled target-wake-time=enabled
           bss-color-partial=enabled
           mesh backhaul=disabled
           local_auth=disabled standalone=disabled nat_mode=disabled
           local_bridging=enabled split_tunnel=disabled
           intra_ssid_priv=disabled
           mcast_enhance=disabled igmp_snooping=disabled
           mac_auth=disabled fail_through_mode=disabled sta_info=1/0
           mac=local, tunnel=8023, cap=8ce0, qos=disabled
           prob_resp_suppress=disabled
           rx sop=disabled
           sticky client remove=disabled
           mu mimo=enabled           ldpc_config=rxtx
           dhcp_option43_insertion=enabled           dhcp_option82_insertion=disabled
           dhcp_enforcement=disabled
           access_control_list=disabled
           bc_suppression=dhcp dhcp-ucast arp 
           auth=WPA2, PSK, AES WPA keyIdx=1, keyLen=16, keyStatus=1, gTsc=000000000000
           key=f4cf7fd6 32dbced5 6d9fb25c 8894ad9b
           pmf=disable
           okc=disabled, dynamic_vlan=disabled, extern_roaming=disabled
           voice_ent(802.11kv)=disabled, fast_bss_trans(802.11r)=disabled mbo=disabled
           port_macauth=disable
           airfairness weight: 20%
           schedules=SMTWTFS 00:00->00:00, 
           ratelimit(Kbps): ul=0 dl=0 ul_user=0 dl_user=0 burst=disabled
           primary wag: 
           secondary wag: 
           application detection engine: enabled, report-interval=60, configured
-------------------------------Total    1 VAP Configurations----------------------------

To check the application detection information from FortiAP:

FortiAP-231F # cw_diag -d ndpi sta


Station 00:c0:ca:87:07:50 flow stats list:
-----------------------------------------------------------------------------
 AID  TX total   TX new     RX total   RX new     Application/Protocol Name
----- ---------- ---------- ---------- ---------- ---------------------------
    0      992 B        0 B   3.821 KB        0 B ukn
    7   2.056 KB        0 B   1.888 KB        0 B twitter
   12      342 B        0 B       62 B        0 B icloud
   28  68.553 KB   7.416 KB  11.400 KB   3.879 KB youtube
  139   6.281 KB        0 B   1.841 KB        0 B yahoo
  609   4.847 KB        0 B   1.734 KB        0 B new-relic
  632  20.167 KB        0 B   4.310 KB        0 B google-services
  664   6.080 KB        0 B  13.842 KB        0 B microsoft-services
  728  18.324 KB        0 B  12.785 KB        0 B amazon-services
  765   2.031 MB        0 B 345.697 KB        0 B service_amazon
  768  70.786 KB  70.497 KB   7.094 KB   7.031 KB service_google
  786   3.927 KB        0 B   1.992 KB        0 B service_microsoft
  866   5.842 KB        0 B   2.656 KB        0 B spotxchange
  889      359 B        0 B       63 B        0 B goodreads
 1032      480 B      480 B       58 B       58 B imdb
 1090  23.201 KB        0 B   7.608 KB        0 B adobeanalytics
 1141   7.160 KB        0 B   2.030 KB        0 B casale
 1218   5.226 KB        0 B   2.002 KB        0 B rubiconproject
 1397   5.411 KB   5.411 KB   1.938 KB   1.938 KB exelate
 1788  25.110 KB  25.110 KB   6.503 KB   6.503 KB bing
 1838  12.417 KB  12.417 KB   2.830 KB   2.830 KB delicious
 1861   6.106 KB   6.106 KB   2.008 KB   2.008 KB pubmatic
 1968      753 B        0 B      406 B        0 B http
 1974  11.720 KB  11.375 KB   1.826 KB   1.757 KB dns
 1979 475.727 KB        0 B  66.211 KB        0 B ssl
 2012      357 B        0 B        0 B        0 B dhcp
 2182   1.033 MB        0 B 152.760 KB        0 B quic
-----------------------------------------------------------------------------

To check the application detection information from FortiGate:

# diagnose wireless-controller wlac -d sta <mac-address of wireless station>
STA:
    vf : 0
    wtp id : AP-2
    wtp index : 786
    rId : 2
    wlan : !1qcadpi
    vlan_id : 0
    ssid : !!1qcadpi-kv
    essid : !!1qcadpi-kv
    bssid : 74:78:a6:98:47:f8
    assoc time : 2024-03-13 12:01:51
    ip : 192.168.250.23
    ip6 : fe80::c01:3236:b69f:b18b
    mac : 16:8c:c6:3a:3e:32
    vci :
    host :
    user :
    group :
    signal : -26
    noise : -77
    atf val : 0‰
    maxrate : 1201 Mbps
    rxrate : 216 Mbps
    rxrate_mcs : 4
    rxrate_score : 18%
    txrate : 258 Mbps
    txrate_mcs : 10
    txrate_score : 21%
    idle : 1
    bw : 209
    use : 5
    chan : 149
    radio_type : 11AX_5G
    security : WPA2_PERSONAL
    mpsk :
    encrypt : aes
    cp_authed : no
    online : yes
    mimo : 2
    handoff time : 0
  STA extension data :
    rx_bytes : 5057186
    rx_data : 26952
    rx_rate : 216 Mbps
    rx_throughput : 47.03 Kbps
    rx_dup : 0
    rx_noprivacy : 0
    rx_wepfail : 0
    rx_demicfail : 0
    rx_tkipmic : 0
    rx_ccmpmic : 0
    rx_wpimic : 0
    rx_tkipicv : 0
    rx_decap : 0
    rx_defrag : 0
    rx_decryptcrc : 0
    rx_unauth : 0
    rx_unencrypted : 0
    rx_err : 0
    tx_bytes : 119997874
    tx_frames : 94270
    tx_rate : 258 Mbps
    tx_throughput : 162.43 Kbps
    tx_discard : 0
    current tx_discard_percentage: 0%
    tx_target_discard : 0
    tx_host_discard : 0
    tx_retries : 22957
    current tx_retry_percentage: 24%
    sounding_count : 0
    explicit_compbf : off
    explicit_noncompbf : off
    implicit_bf : off
    SU Beamformer support : off
    SU Beamformee support : on
    MU Beamformer support : off
    MU Beamformee support : off
    Capabilities : WMM
    RSSI : 51 dB

    rx_ucast_bytes : 5006071
    rx_mcast_bytes : 51115
    rx_ucast_pkts : 26584
    rx_mcast_pkts : 368
    rx_decrypt_succeeds : 0
    rx_ratemcs : 0x4
    rx_pkts_retried : 8056
    rx_mic_err : 0
    rx_qos_pkts[0] : 25194
    rx_qos_bytes[0] : 0
    rx_qos_pkts[1] : 1514
    rx_qos_bytes[1] : 0
    rx_qos_pkts[2] : 35
    rx_qos_bytes[2] : 0
    rx_qos_pkts[3] : 1158
    rx_qos_bytes[3] : 0
    rx_ampdu_mpdu : 0
    tx_ucast_bytes : 119997874
    tx_mcast_bytes : 0
    tx_ucast_pkts : 94270
    tx_mcast_pkts : 0
    tx_ratemcs : 0xa
    tx_pkts_retried : 22957
    tx_qos_pkts[0] : 63962
    tx_qos_bytes[0] : 0
    tx_qos_pkts[1] : 19
    tx_qos_bytes[1] : 0
    tx_qos_pkts[2] : 17846
    tx_qos_bytes[2] : 0
    tx_qos_pkts[3] : 12574
    tx_qos_bytes[3] : 0
  STA Recent Top Applications : 2024-03-13 13:58:16 (7 seconds ago)
    1. Application ID : 28 - "youtube"
        Tx Bytes : 1401807
        Rx Bytes : 42790
    2. Application ID : 12 - "icloud"
        Tx Bytes : 138353
        Rx Bytes : 66468
    3. Application ID : 139 - "yahoo"
        Tx Bytes : 38742
        Rx Bytes : 19002
    4. Application ID : 1979 - "ssl"
        Tx Bytes : 20190
        Rx Bytes : 8004
    5. Application ID : 128 - "edk"
        Tx Bytes : 1228
        Rx Bytes : 6890
    6. Application ID : 1974 - "dns"
        Tx Bytes : 2281
        Rx Bytes : 1178
    7. Application ID : 20 - "amazon-cloud"
        Tx Bytes : 1957
        Rx Bytes : 878
    8. Application ID : 768 - "service_google"
        Tx Bytes : 941
        Rx Bytes : 602
    9. Application ID : 1805 - "imrworldwide"
        Tx Bytes : 630
        Rx Bytes : 216
    10. Application ID : 1218 - "rubiconproject"
        Tx Bytes : 510
        Rx Bytes : 219

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

FortiWiFi and FortiAP Configuration Guide

Monitoring application usage for clients connected to bridge mode SSIDs

Monitoring application usage for clients connected to bridge mode SSIDs

To enable application-detection in VAP:

To check the application detection attribute from FortiAP:

To check the application detection information from FortiAP:

To check the application detection information from FortiGate:

Monitoring application usage for clients connected to bridge mode SSIDs

Monitoring application usage for clients connected to bridge mode SSIDs

To enable application-detection in VAP:

To check the application detection attribute from FortiAP:

To check the application detection information from FortiAP:

To check the application detection information from FortiGate: