This enhancement adds visibility for configuring advanced options for wireless features in the FortiGate GUI. You can go to Feature Visibility and enable Advanced Wireless Features to access the following:
- New navigation entries under WiFi & Switch Controller.
Operation Profiles: FortiAP, QoS, and FortiAP Configuration.
Connectivity Profiles: MPSK and Bonjour.
Protection Profiles: WIDS and L3 Firewall (also known as L3 Access Control List configurations for FortiAPs).
- Additional advanced options for wireless features under the SSIDs and WiFi Settings entries.
SSIDs > Edit Interface: Voice-Enterprise, Multiband operation, Fast BSS transition, Probe response suppression, Sticky client removal, multicast enhancement, IGMP snooping, Radio sensitivity, Airtime weight, QoS profile, and L3 firewall profile.
WiFi Settings: Duplicate SSID, DARRP, Phishing SSID detection, and SNMP settings.
A new CLI command is added under system settings to enable the advanced WiFi features on GUI.
- From the FortiOS GUI, go to System > Feature Visibility.
Under the Additional Features column, locate and enable Advanced Wireless Features.
The Navigation bar reloads with the new features visible.
config system settings set gui-advanced-wireless-features enable end
When you enable Advanced Wireless Features, FortiAP Profiles is renamed to Operation Profiles and contains additional tabs that enable you to manage QoS and FortiAP Configuration profiles.
When you create or edit a FortiAP profile, you can configure additional advanced settings.
You can create or edit Quality of Service (QoS) profiles by clicking the QoS Profiles tab.
Click Create new to create a QoS profile.
You can create or edit FortiAP Configuration Profile for managing local FortiAP configuration by clicking the FortiAP Configuration Profiles tab.
Click Create new to create a FortiAP Configuration profile.
You can access Connectivity Profiles to manage your MPSK and Bonjour profiles.
After you click Connectivity Profile, the MPSK Profiles tab loads by default. From there you can create or edit MPSK profiles to manage multiple pre-shared keys.
Click Create new to create an MPSK profile.
From there you can create and add MPSK groups and determine how you want to add your MPSK keys.
Bonjour is Apple's zero configuration networking protocol. Bonjour profiles allow APs and FortiAPs to connect to networks using Bonjour. You can create or edit Bonjour profiles by clicking the Bonjour Profiles tab.
Click Create new to create a Bonjour profile.
From there you can create and add policies that determine which services you want to advertise across the network.
When you enable Advanced Wireless Features, WIDS Profiles is renamed to Protection Profiles and contains additional tabs that enable you to manage L3 Firewall Profiles.
After you click Protection Profiles, the WIDS Profiles tab loads by default. From there you can create or edit WIDS profiles to configure the type of security threats you want to monitor.
You can create or edit L3 Firewall Profiles to configure the WiFi bridge access control list by clicking the L3 Firewall Profiles tab.
Click Create new to create a L3 Firewall profile.
From there, you can create IPv4 or IPv6 rule lists to allow or deny traffic that matches the configured policy.
When you create or edit an SSID, you can configure additional advanced settings.
More options are exposed on WiFi Settings page, including Duplicate SSID, DARRP related settings, Phishing SSID detection setting, and SNMP settings.