Fortinet white logo
Fortinet white logo

Operational Guidelines

Operational Guidelines

This section describes information related to the usage of FortiWLM.

This table lists the security modes supported for the Service Assurance Manager (SAM) on FortiWLM.

AP Models

Security Modes
Supported

All supported models

Open

WPA2 Enterprise AES

WPA2 PSK AES

Mixed PSK TKIP

Mixed Enterprise TKIP

The FortiWLC, FortiGate, and FortiWLM time must be synchronized. It is recommended to use NTP server.

FortiGate Scale Deployment

The following scale deployment limits apply to FortiGate-FortiWLM when the polling interval is set to 10 minutes.

Devices

Maximum Limit

FortiWLM-1000D

FortiWLM-100D​

FWM-VM

FortiGate controllers 5000

500

10000

Access Points 15000

2000

20000

Stations 100K

20K

150K

The following scale deployment limits apply to FortiGate-FortiWLM when the polling interval is set to 1 minute.

Devices

Maximum Limit

FortiWLM-1000D

FortiWLM-100D​

FWM-VM

FortiGate controllers

1600

200

1600

Access Points

3200

400

3200

Stations

32K

8000

32K

The following are the hardware requirements for the aforementioned scale deployments.

Hardware Requirements

FortiWLM-1000D

FortiWLM-100D​

FWM-VM

8 CPU/16 GB RAM/2 TB storage​

4 CPU/4 GB RAM/1TB storage​

8 CPU/16 GB RAM/2 TB storage​

FortiWLC Controllers

This following information is related to the usage of FortiWLM with FortiWLC controllers.

  • In case of an Nplus1 cluster, note the following points:
    • After the Nplus1 cluster formation is complete, it takes a maximum of 10 minutes to get discovered in FortiWLM.
    • If the secondary and primary controllers are to work as standalone, then backup the FortiWLM configuration, double delete the controller and add it again from the controller inventory in FortiWLM, so that the controller can be successfully managed.
  • The GUI menu option (Administration > System Settings > High Availability) to configure high availability from is removed for FortiWLM-100D.
  • The risk level for Monitor > Overview > Application Summary cannot be defined for custom applications.
  • [VPN with NPlus1] Configure the VPN client before configuring NPlus1 in secondary controller.
  • Configure Jumbo frames from the controller only when the MTU values are to be more than 4500 bytes.
  • Fortinet recommends usage of certificates with OCSP endpoint URI, when uploading certificates onto the WLM.
  • Fortinet recommends running a single FortiWLM GUI session in scale setups.

FortiGate Controllers

This following information is related to the usage of FortiWLM with FortiGate controllers.

  • A maximum of 5 concurrent GUI sessions are allowed.
  • Application control is supported on FortiOS version 6.2.2 and later.
  • Station activity logs are supported on FortiOS version 6.2.0 and later.
  • Station logs from log storage as FortiCloud will fetch only 100 events at once.
  • Wired clients are not supported.

Features

FortiOS Versions

6.2.2/6.2.3

6.4.0/6.4.1/6.4.2/6.4.3/6.4.4/

6.4.5/6.4.6/6.4.7

7.0.0/7.0.1/7.0.2/7.0.3/7.0.5/7.2.0/7.2.1/7.2.2/ 7.2.3/7.2.4/7.2.5/7.4.0

Dashboard Status

Application Control

Station Data

Station activity logs

AP Dashboard

Retry %

Loss %

Channel Utilization%

SNR (dBm)

Average Throughput

X X

Station Dashboard

Retry %

Loss %

Channel Utilization%

X

X

X

SNR (dBm)

Operational Guidelines

Operational Guidelines

This section describes information related to the usage of FortiWLM.

This table lists the security modes supported for the Service Assurance Manager (SAM) on FortiWLM.

AP Models

Security Modes
Supported

All supported models

Open

WPA2 Enterprise AES

WPA2 PSK AES

Mixed PSK TKIP

Mixed Enterprise TKIP

The FortiWLC, FortiGate, and FortiWLM time must be synchronized. It is recommended to use NTP server.

FortiGate Scale Deployment

The following scale deployment limits apply to FortiGate-FortiWLM when the polling interval is set to 10 minutes.

Devices

Maximum Limit

FortiWLM-1000D

FortiWLM-100D​

FWM-VM

FortiGate controllers 5000

500

10000

Access Points 15000

2000

20000

Stations 100K

20K

150K

The following scale deployment limits apply to FortiGate-FortiWLM when the polling interval is set to 1 minute.

Devices

Maximum Limit

FortiWLM-1000D

FortiWLM-100D​

FWM-VM

FortiGate controllers

1600

200

1600

Access Points

3200

400

3200

Stations

32K

8000

32K

The following are the hardware requirements for the aforementioned scale deployments.

Hardware Requirements

FortiWLM-1000D

FortiWLM-100D​

FWM-VM

8 CPU/16 GB RAM/2 TB storage​

4 CPU/4 GB RAM/1TB storage​

8 CPU/16 GB RAM/2 TB storage​

FortiWLC Controllers

This following information is related to the usage of FortiWLM with FortiWLC controllers.

  • In case of an Nplus1 cluster, note the following points:
    • After the Nplus1 cluster formation is complete, it takes a maximum of 10 minutes to get discovered in FortiWLM.
    • If the secondary and primary controllers are to work as standalone, then backup the FortiWLM configuration, double delete the controller and add it again from the controller inventory in FortiWLM, so that the controller can be successfully managed.
  • The GUI menu option (Administration > System Settings > High Availability) to configure high availability from is removed for FortiWLM-100D.
  • The risk level for Monitor > Overview > Application Summary cannot be defined for custom applications.
  • [VPN with NPlus1] Configure the VPN client before configuring NPlus1 in secondary controller.
  • Configure Jumbo frames from the controller only when the MTU values are to be more than 4500 bytes.
  • Fortinet recommends usage of certificates with OCSP endpoint URI, when uploading certificates onto the WLM.
  • Fortinet recommends running a single FortiWLM GUI session in scale setups.

FortiGate Controllers

This following information is related to the usage of FortiWLM with FortiGate controllers.

  • A maximum of 5 concurrent GUI sessions are allowed.
  • Application control is supported on FortiOS version 6.2.2 and later.
  • Station activity logs are supported on FortiOS version 6.2.0 and later.
  • Station logs from log storage as FortiCloud will fetch only 100 events at once.
  • Wired clients are not supported.

Features

FortiOS Versions

6.2.2/6.2.3

6.4.0/6.4.1/6.4.2/6.4.3/6.4.4/

6.4.5/6.4.6/6.4.7

7.0.0/7.0.1/7.0.2/7.0.3/7.0.5/7.2.0/7.2.1/7.2.2/ 7.2.3/7.2.4/7.2.5/7.4.0

Dashboard Status

Application Control

Station Data

Station activity logs

AP Dashboard

Retry %

Loss %

Channel Utilization%

SNR (dBm)

Average Throughput

X X

Station Dashboard

Retry %

Loss %

Channel Utilization%

X

X

X

SNR (dBm)