Fortinet Document Library

Version:


Table of Contents

More Links

Captive portal authentication in service assurance management (SAM) mode 7.0.1

New Features

7.0.0
Download PDF
Copy Link

Station mode on FortiAP radios to initiate tests against other APs

This enhancement allows service assurance management (SAM) mode to be configured from the CLI where a radio is designated to operate as a client and perform tests against another AP. Ping and iPerf tests can run on an interval, and the results are captured in the Wi-Fi event logs. This allows the FortiGate to verify and assure an existing Wi-Fi network can provide acceptable services.

To configure station mode with a ping test on a managed FortiAP:
  1. Enable the SAM ping test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test ping
                set sam-server "iperf.he.net"
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Ping
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-18 time=11:46:45 eventtime=1616006806043197750 tz="-0700" logid="0104043711" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM ping test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Personal" encryption="AES" action="sam-ping-result" msg="Connected to AP TEST-FAP-423E, 0.0% packet loss" remotewtptime="3107.537428"
To configure station mode with an iPerf test on a managed FortiAP:
  1. Enable the SAM iPerf test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test iperf
                set sam-server "iperf.he.net"
                set iperf-server-port 5001
                set iperf-protocol tcp
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Iperf
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-19 time=10:41:35 eventtime=1616175695652094949 tz="-0700" logid="0104043710" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM iperf test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Enterprise" encryption="AES" action="sam-iperf-result" msg="Connected to AP TEST-FAP-423E, TCP, max rate 10.9 MB/s" remotewtptime="4061.104484"

More Links

Station mode on FortiAP radios to initiate tests against other APs

This enhancement allows service assurance management (SAM) mode to be configured from the CLI where a radio is designated to operate as a client and perform tests against another AP. Ping and iPerf tests can run on an interval, and the results are captured in the Wi-Fi event logs. This allows the FortiGate to verify and assure an existing Wi-Fi network can provide acceptable services.

To configure station mode with a ping test on a managed FortiAP:
  1. Enable the SAM ping test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test ping
                set sam-server "iperf.he.net"
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Ping
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-18 time=11:46:45 eventtime=1616006806043197750 tz="-0700" logid="0104043711" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM ping test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Personal" encryption="AES" action="sam-ping-result" msg="Connected to AP TEST-FAP-423E, 0.0% packet loss" remotewtptime="3107.537428"
To configure station mode with an iPerf test on a managed FortiAP:
  1. Enable the SAM iPerf test on the AP radio:
    config wireless-controller wtp-profile
        edit "FAP231E-sam"
            ...
            config radio-2
                set mode sam
                set sam-ssid "test-sam"
                set sam-bssid 00:00:00:00:00:00
                set sam-security-type wpa-personal
                set sam-captive-portal disable
                set sam-password ************
                set sam-test iperf
                set sam-server "iperf.he.net"
                set iperf-server-port 5001
                set iperf-protocol tcp
                set sam-report-intv 60
            end
            ...
        next
    end
  2. On the AP, verify the configuration settings:
    # rcfg
        ...
            sam ssid           : test-sam
            sam bssid          : 00:00:00:00:00:00
            sam security type  : Personal
            sam captive portal : disabled
            sam test           : Iperf
            sam server ip      : iperf.he.net
            sam report interval: 60
            sam iperf port     : 5001
            sam iperf protocol : TCP
        ...
Sample FortiOS WiFi event log:
1: date=2021-03-19 time=10:41:35 eventtime=1616175695652094949 tz="-0700" logid="0104043710" type="event" subtype="wireless" level="notice" vd="vdom1" logdesc="SAM iperf test result" sn="FP231ETF20000449" ap="FP231ETF20000449" vap="test-sam" ssid="test-sam" stamac="04:d5:90:bf:4b:57" radioid=2 channel=144 security="WPA2 Enterprise" encryption="AES" action="sam-iperf-result" msg="Connected to AP TEST-FAP-423E, TCP, max rate 10.9 MB/s" remotewtptime="4061.104484"