Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    7.2.0
    7.6.0
    7.4.0
    7.2.0
    7.0.0
    6.4.0
    6.2.0

    Support enabling or disabling 802.11d 7.2.1

    Support enabling or disabling 802.11d 7.2.1

    This enhancement adds the ability to toggle 802.11d support for 2.4 GHz radios through a FortiAP profile. In previous versions, 802.11d was always enabled on FortiAPs. When 802.11d is enabled, the FortiAPs broadcast the country code in beacons, probe responses, and probe requests. This led to some older legacy clients failing to associate to the FortiAP. The ability to disable 802.11d prevents the broadcasting of country code settings and provides backwards compatibility with those clients.

    Note

    Since IEEE 802.11d only applies to 2.4 GHz radios operating in the 802.11g band, disabling 802.11d only applies to radios configured to operate in the 802.11g band.
    To disable 802.11d:
    config wireless-controller wtp-profile
  edit FAP231F-default
    config radio-1
    set 80211d disable
  end
end
    To verify the configuration from FortiGate:

    1. From the FortiGate:

       diagnose wireless-controller wlac -c wtp FP231FTF20007509 | grep 80211d
    80211d enable : disabled

    2. When the previous FortiGate setting are applied to a Managed FortiAP, the settings can be verified on the FortiAP CLI through the rcfg and iwpriv commands:

      FortiAP-231F # rcfg | grep 802
   802.11d enable : disabled
FortiAP-231F #

Check iwpriv

FortiAP-231F # iwpriv wlan00 get_countryie
wlan00 get_countryie:0 (0x0)
FortiAP-231F #

    3. Sniff the packets in the air before and after disabling the feature:

      1. Before enabling the feature, use a packet analyzer to check the sample beacon packet for the Country Information Tag in Tagged parameters.

      2. After disabling the 802.11d on a 2.4Ghz radio, use a packet analyzer to check the beacon and verify that the Country Information Tag is no longer under in Tagged Parameters.

    Previous
    Next

    Support enabling or disabling 802.11d 7.2.1

    Support enabling or disabling 802.11d 7.2.1

    This enhancement adds the ability to toggle 802.11d support for 2.4 GHz radios through a FortiAP profile. In previous versions, 802.11d was always enabled on FortiAPs. When 802.11d is enabled, the FortiAPs broadcast the country code in beacons, probe responses, and probe requests. This led to some older legacy clients failing to associate to the FortiAP. The ability to disable 802.11d prevents the broadcasting of country code settings and provides backwards compatibility with those clients.

    Note

    Since IEEE 802.11d only applies to 2.4 GHz radios operating in the 802.11g band, disabling 802.11d only applies to radios configured to operate in the 802.11g band.
    To disable 802.11d:
    config wireless-controller wtp-profile
  edit FAP231F-default
    config radio-1
    set 80211d disable
  end
end
    To verify the configuration from FortiGate:

    1. From the FortiGate:

       diagnose wireless-controller wlac -c wtp FP231FTF20007509 | grep 80211d
    80211d enable : disabled

    2. When the previous FortiGate setting are applied to a Managed FortiAP, the settings can be verified on the FortiAP CLI through the rcfg and iwpriv commands:

      FortiAP-231F # rcfg | grep 802
   802.11d enable : disabled
FortiAP-231F #

Check iwpriv

FortiAP-231F # iwpriv wlan00 get_countryie
wlan00 get_countryie:0 (0x0)
FortiAP-231F #

    3. Sniff the packets in the air before and after disabling the feature:

      1. Before enabling the feature, use a packet analyzer to check the sample beacon packet for the Country Information Tag in Tagged parameters.

      2. After disabling the 802.11d on a 2.4Ghz radio, use a packet analyzer to check the beacon and verify that the Country Information Tag is no longer under in Tagged Parameters.

    Previous
    Next