Fortinet white logo
Fortinet white logo

Operational Guidelines

Operational Guidelines

This section describes information related to the usage of FortiWLM.

This table lists the security modes supported for the Service Assurance Manager (SAM) on FortiWLM.

AP Models

Security Modes
Supported

All supported models

Open

WPA2 Enterprise AES

WPA2 PSK AES

Mixed PSK TKIP

Mixed Enterprise TKIP

FortiWLC Controllers

This following information is related to the usage of FortiWLM with FortiWLC controllers.

  • In case of an Nplus1 cluster, note the following points:
    • After the Nplus1 cluster formation is complete, it takes a maximum of 10 minutes to get discovered in FortiWLM.
    • If the slave and master controllers are to work as standalone, then backup the FortiWLM configuration, double delete the controller and add it again from the controller inventory in FortiWLM, so that the controller can be successfully managed.
  • FortiWLC 8.5 onwards the MC-VE series virtual controllers are NOT supported.
  • After upgrading from pre-8.4.1, disable and enable the location service profile, in case the location service is running.
  • The GUI menu option (Administration > System Settings > High Availability) to configure high availability from is removed for FortiWLM-100D.
  • The risk level for Monitor > Overview > Application Summary cannot be defined for custom applications.
  • [VPN with NPlus1] Configure the VPN client before configuring NPlus1 in slave controller.
  • Configure Jumbo frames from the controller only when the MTU values are to be more than 4500 bytes.
  • Fortinet recommends usage of certificates with OCSP endpoint URI, when uploading certificates onto the WLM.
  • Fortinet recommends running a single FortiWLM GUI session in scale setups.

FortiGate Controllers

This following information is related to the usage of FortiWLM with FortiGate controllers.

  • A maximum of 5 concurrent GUI sessions are allowed.
  • The FortiWLC, FortiGate, and FortiWLM time must be synchronized. It is recommended to use NTP server.
  • RF Planner supports only FAP-Us (Universal APs).
  • Application control is supported on FortiOS version 6.2.2 and later.
  • Application control is supported only for disk and Memory log storages from FortiGate controllers.
  • Station activity logs are supported on FortiOS version 6.2.0 and later.
  • Station logs can be accessed from the Disk, FortiCloud, FortiAnalyzer and Memory. Disk availability is for specific FortiGate models.
  • Station logs from log storage as FortiCloud will fetch only 100 events at once.

Feature

FortiOS Versions

6.0.6

6.2.0/6.2.1

6.2.2/6.2.3/
6.4.0 to 6.4.8

Dashboard Status

Application Control X

X

Station Data

Station activity logs

X

AP Dashboard

Retry %

X X

Loss %

X X X

Channel Utilization%

SNR (dBm)

X

X

Station Dashboard

Retry %

X X X

Loss %

X

Channel Utilization%

X

X

X

SNR (dBm)

Operational Guidelines

Operational Guidelines

This section describes information related to the usage of FortiWLM.

This table lists the security modes supported for the Service Assurance Manager (SAM) on FortiWLM.

AP Models

Security Modes
Supported

All supported models

Open

WPA2 Enterprise AES

WPA2 PSK AES

Mixed PSK TKIP

Mixed Enterprise TKIP

FortiWLC Controllers

This following information is related to the usage of FortiWLM with FortiWLC controllers.

  • In case of an Nplus1 cluster, note the following points:
    • After the Nplus1 cluster formation is complete, it takes a maximum of 10 minutes to get discovered in FortiWLM.
    • If the slave and master controllers are to work as standalone, then backup the FortiWLM configuration, double delete the controller and add it again from the controller inventory in FortiWLM, so that the controller can be successfully managed.
  • FortiWLC 8.5 onwards the MC-VE series virtual controllers are NOT supported.
  • After upgrading from pre-8.4.1, disable and enable the location service profile, in case the location service is running.
  • The GUI menu option (Administration > System Settings > High Availability) to configure high availability from is removed for FortiWLM-100D.
  • The risk level for Monitor > Overview > Application Summary cannot be defined for custom applications.
  • [VPN with NPlus1] Configure the VPN client before configuring NPlus1 in slave controller.
  • Configure Jumbo frames from the controller only when the MTU values are to be more than 4500 bytes.
  • Fortinet recommends usage of certificates with OCSP endpoint URI, when uploading certificates onto the WLM.
  • Fortinet recommends running a single FortiWLM GUI session in scale setups.

FortiGate Controllers

This following information is related to the usage of FortiWLM with FortiGate controllers.

  • A maximum of 5 concurrent GUI sessions are allowed.
  • The FortiWLC, FortiGate, and FortiWLM time must be synchronized. It is recommended to use NTP server.
  • RF Planner supports only FAP-Us (Universal APs).
  • Application control is supported on FortiOS version 6.2.2 and later.
  • Application control is supported only for disk and Memory log storages from FortiGate controllers.
  • Station activity logs are supported on FortiOS version 6.2.0 and later.
  • Station logs can be accessed from the Disk, FortiCloud, FortiAnalyzer and Memory. Disk availability is for specific FortiGate models.
  • Station logs from log storage as FortiCloud will fetch only 100 events at once.

Feature

FortiOS Versions

6.0.6

6.2.0/6.2.1

6.2.2/6.2.3/
6.4.0 to 6.4.8

Dashboard Status

Application Control X

X

Station Data

Station activity logs

X

AP Dashboard

Retry %

X X

Loss %

X X X

Channel Utilization%

SNR (dBm)

X

X

Station Dashboard

Retry %

X X X

Loss %

X

Channel Utilization%

X

X

X

SNR (dBm)