Fortinet black logo

New Features

Station mode on FortiAP radios to initiate tests against other APs

Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:569471
Download PDF

This enhancement allows service assurance management (SAM) mode to be configured from the CLI where a radio is designated to operate as a client and perform tests against another AP. Ping and iPerf tests can run on an interval, and the results are captured in the Wi-Fi event logs. This allows the FortiGate to verify and assure an existing Wi-Fi network can provide acceptable services.

To configure station mode with a ping test on a managed FortiAP:
  1. Enable the SAM ping test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test ping
                set sam-server "iperf.he.net"
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Ping
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-18 time=11:46:45 eventtime=1616006806043197750 tz="-0700" logid="0104043711" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM ping test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Personal" encryption="AES" action="sam-ping-result" msg="Connected to AP TEST-FAP-423E, 0.0% packet loss" remotewtptime="3107.537428"
To configure station mode with an iPerf test on a managed FortiAP:
  1. Enable the SAM iPerf test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test iperf
                set sam-server "iperf.he.net"
                set iperf-server-port 5001
                set iperf-protocol tcp
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Iperf
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-19 time=10:41:35 eventtime=1616175695652094949 tz="-0700" logid="0104043710" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM iperf test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Enterprise" encryption="AES" action="sam-iperf-result" msg="Connected to AP TEST-FAP-423E, TCP, max rate 10.9 MB/s" remotewtptime="4061.104484"

This enhancement allows service assurance management (SAM) mode to be configured from the CLI where a radio is designated to operate as a client and perform tests against another AP. Ping and iPerf tests can run on an interval, and the results are captured in the Wi-Fi event logs. This allows the FortiGate to verify and assure an existing Wi-Fi network can provide acceptable services.

To configure station mode with a ping test on a managed FortiAP:
  1. Enable the SAM ping test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test ping
                set sam-server "iperf.he.net"
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Ping
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-18 time=11:46:45 eventtime=1616006806043197750 tz="-0700" logid="0104043711" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM ping test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Personal" encryption="AES" action="sam-ping-result" msg="Connected to AP TEST-FAP-423E, 0.0% packet loss" remotewtptime="3107.537428"
To configure station mode with an iPerf test on a managed FortiAP:
  1. Enable the SAM iPerf test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test iperf
                set sam-server "iperf.he.net"
                set iperf-server-port 5001
                set iperf-protocol tcp
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Iperf
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-19 time=10:41:35 eventtime=1616175695652094949 tz="-0700" logid="0104043710" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM iperf test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Enterprise" encryption="AES" action="sam-iperf-result" msg="Connected to AP TEST-FAP-423E, TCP, max rate 10.9 MB/s" remotewtptime="4061.104484"