Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    7.0.4
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config wireless-controller global

    config wireless-controller global

    Configure wireless controller global settings.

    config wireless-controller global

    Description: Configure wireless controller global settings.

    set name {string}

    set location {string}

    set image-download [enable|disable]

    set max-retransmit {integer}

    set control-message-offload {option1}, {option2}, ...

    set data-ethernet-II [enable|disable]

    set link-aggregation [enable|disable]

    set mesh-eth-type {integer}

    set fiapp-eth-type {integer}

    set discovery-mc-addr {ipv4-address-multicast}

    set max-clients {integer}

    set rogue-scan-mac-adjacency {integer}

    set ipsec-base-ip {ipv4-address}

    set wtp-share [enable|disable]

    set tunnel-mode [compatible|strict]

    set nac-interval {integer}

    set ap-log-server [enable|disable]

    set ap-log-server-ip {ipv4-address}

    set ap-log-server-port {integer}

    end

    config wireless-controller global

    Parameter

    Description

    Type

    Size

    Default

    name

    Name of the wireless controller.

    string

    Maximum length: 35

    location

    Description of the location of the wireless controller.

    string

    Maximum length: 35

    image-download

    Enable/disable WTP image download at join time.

    option

    -

    enable

    Option

    Description

    enable

    Enable WTP image download at join time.

    disable

    Disable WTP image download at join time.

    max-retransmit

    Maximum number of tunnel packet retransmissions .

    integer

    Minimum value: 0 Maximum value: 64

    3

    control-message-offload

    Configure CAPWAP control message data channel offload.

    option

    -

    ebp-frame aeroscout-tag ap-list sta-list sta-cap-list stats aeroscout-mu sta-health spectral-analysis

    Option

    Description

    ebp-frame

    Ekahau blink protocol (EBP) frames.

    aeroscout-tag

    AeroScout tag.

    ap-list

    Rogue AP list.

    sta-list

    Rogue STA list.

    sta-cap-list

    STA capability list.

    stats

    WTP, radio, VAP, and STA statistics.

    aeroscout-mu

    AeroScout Mobile Unit (MU) report.

    sta-health

    STA health log.

    spectral-analysis

    Spectral analysis report.

    data-ethernet-II

    Configure the wireless controller to use Ethernet II or 802.3 frames with 802.3 data tunnel mode .

    option

    -

    enable

    Option

    Description

    enable

    Use Ethernet II frames with 802.3 data tunnel mode.

    disable

    Use 802.3 Ethernet frames with 802.3 data tunnel mode.

    link-aggregation

    Enable/disable calculating the CAPWAP transmit hash to load balance sessions to link aggregation nodes .

    option

    -

    disable

    Option

    Description

    enable

    Enable calculating the CAPWAP transmit hash.

    disable

    Disable calculating the CAPWAP transmit hash.

    mesh-eth-type

    Mesh Ethernet identifier included in backhaul packets .

    integer

    Minimum value: 0 Maximum value: 65535

    8755

    fiapp-eth-type

    Ethernet type for Fortinet Inter-Access Point Protocol .

    integer

    Minimum value: 0 Maximum value: 65535

    5252

    discovery-mc-addr

    Multicast IP address for AP discovery .

    ipv4-address-multicast

    Not Specified

    224.0.1.140

    max-clients

    Maximum number of clients that can connect simultaneously .

    integer

    Minimum value: 0 Maximum value: 4294967295

    0

    rogue-scan-mac-adjacency

    Maximum numerical difference between an AP's Ethernet and wireless MAC values to match for rogue detection .

    integer

    Minimum value: 0 Maximum value: 31

    7

    ipsec-base-ip

    Base IP address for IPsec VPN tunnels between the access points and the wireless controller .

    ipv4-address

    Not Specified

    169.254.0.1

    wtp-share

    Enable/disable sharing of WTPs between VDOMs.

    option

    -

    disable

    Option

    Description

    enable

    WTP can be shared between all VDOMs.

    disable

    WTP can be used only in its own VDOM.

    tunnel-mode

    Compatible/strict tunnel mode.

    option

    -

    compatible

    Option

    Description

    compatible

    Allow for backward compatible ciphers(3DES+SHA1+Strong list).

    strict

    Follow system level strong-crypto ciphers.

    nac-interval

    Interval in seconds between two WiFi network access control .

    integer

    Minimum value: 10 Maximum value: 600

    120

    ap-log-server

    Enable/disable configuring FortiGate to redirect wireless event log messages or FortiAPs to send UTM log messages to a syslog server .

    option

    -

    disable

    Option

    Description

    enable

    Enable AP log server.

    disable

    Disable AP log server.

    ap-log-server-ip

    IP address that FortiGate or FortiAPs send log messages to.

    ipv4-address

    Not Specified

    0.0.0.0

    ap-log-server-port

    Port that FortiGate or FortiAPs send log messages to.

    integer

    Minimum value: 0 Maximum value: 65535

    0
    Previous
    Next

    config wireless-controller global

    config wireless-controller global

    Configure wireless controller global settings.

    config wireless-controller global

    Description: Configure wireless controller global settings.

    set name {string}

    set location {string}

    set image-download [enable|disable]

    set max-retransmit {integer}

    set control-message-offload {option1}, {option2}, ...

    set data-ethernet-II [enable|disable]

    set link-aggregation [enable|disable]

    set mesh-eth-type {integer}

    set fiapp-eth-type {integer}

    set discovery-mc-addr {ipv4-address-multicast}

    set max-clients {integer}

    set rogue-scan-mac-adjacency {integer}

    set ipsec-base-ip {ipv4-address}

    set wtp-share [enable|disable]

    set tunnel-mode [compatible|strict]

    set nac-interval {integer}

    set ap-log-server [enable|disable]

    set ap-log-server-ip {ipv4-address}

    set ap-log-server-port {integer}

    end

    config wireless-controller global

    Parameter

    Description

    Type

    Size

    Default

    name

    Name of the wireless controller.

    string

    Maximum length: 35

    location

    Description of the location of the wireless controller.

    string

    Maximum length: 35

    image-download

    Enable/disable WTP image download at join time.

    option

    -

    enable

    Option

    Description

    enable

    Enable WTP image download at join time.

    disable

    Disable WTP image download at join time.

    max-retransmit

    Maximum number of tunnel packet retransmissions .

    integer

    Minimum value: 0 Maximum value: 64

    3

    control-message-offload

    Configure CAPWAP control message data channel offload.

    option

    -

    ebp-frame aeroscout-tag ap-list sta-list sta-cap-list stats aeroscout-mu sta-health spectral-analysis

    Option

    Description

    ebp-frame

    Ekahau blink protocol (EBP) frames.

    aeroscout-tag

    AeroScout tag.

    ap-list

    Rogue AP list.

    sta-list

    Rogue STA list.

    sta-cap-list

    STA capability list.

    stats

    WTP, radio, VAP, and STA statistics.

    aeroscout-mu

    AeroScout Mobile Unit (MU) report.

    sta-health

    STA health log.

    spectral-analysis

    Spectral analysis report.

    data-ethernet-II

    Configure the wireless controller to use Ethernet II or 802.3 frames with 802.3 data tunnel mode .

    option

    -

    enable

    Option

    Description

    enable

    Use Ethernet II frames with 802.3 data tunnel mode.

    disable

    Use 802.3 Ethernet frames with 802.3 data tunnel mode.

    link-aggregation

    Enable/disable calculating the CAPWAP transmit hash to load balance sessions to link aggregation nodes .

    option

    -

    disable

    Option

    Description

    enable

    Enable calculating the CAPWAP transmit hash.

    disable

    Disable calculating the CAPWAP transmit hash.

    mesh-eth-type

    Mesh Ethernet identifier included in backhaul packets .

    integer

    Minimum value: 0 Maximum value: 65535

    8755

    fiapp-eth-type

    Ethernet type for Fortinet Inter-Access Point Protocol .

    integer

    Minimum value: 0 Maximum value: 65535

    5252

    discovery-mc-addr

    Multicast IP address for AP discovery .

    ipv4-address-multicast

    Not Specified

    224.0.1.140

    max-clients

    Maximum number of clients that can connect simultaneously .

    integer

    Minimum value: 0 Maximum value: 4294967295

    0

    rogue-scan-mac-adjacency

    Maximum numerical difference between an AP's Ethernet and wireless MAC values to match for rogue detection .

    integer

    Minimum value: 0 Maximum value: 31

    7

    ipsec-base-ip

    Base IP address for IPsec VPN tunnels between the access points and the wireless controller .

    ipv4-address

    Not Specified

    169.254.0.1

    wtp-share

    Enable/disable sharing of WTPs between VDOMs.

    option

    -

    disable

    Option

    Description

    enable

    WTP can be shared between all VDOMs.

    disable

    WTP can be used only in its own VDOM.

    tunnel-mode

    Compatible/strict tunnel mode.

    option

    -

    compatible

    Option

    Description

    compatible

    Allow for backward compatible ciphers(3DES+SHA1+Strong list).

    strict

    Follow system level strong-crypto ciphers.

    nac-interval

    Interval in seconds between two WiFi network access control .

    integer

    Minimum value: 10 Maximum value: 600

    120

    ap-log-server

    Enable/disable configuring FortiGate to redirect wireless event log messages or FortiAPs to send UTM log messages to a syslog server .

    option

    -

    disable

    Option

    Description

    enable

    Enable AP log server.

    disable

    Disable AP log server.

    ap-log-server-ip

    IP address that FortiGate or FortiAPs send log messages to.

    ipv4-address

    Not Specified

    0.0.0.0

    ap-log-server-port

    Port that FortiGate or FortiAPs send log messages to.

    integer

    Minimum value: 0 Maximum value: 65535

    0
    Previous
    Next