Fortinet black logo

FortiAP-W2 Release Notes

Home FortiAP / FortiWiFi 7.4.0 FortiAP-W2 Release Notes
7.4.0
7.4.2
7.4.1
7.4.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

New features or enhancements

New features or enhancements

The following table includes FortiAP-W2 version 7.4.0 new features and enhancements:

Bug ID

Description

867684

Support WPA3-SAE security over the mesh backhaul.

On the FortiGate CLI (FortiOS 7.4.0), add one mesh-backhaul vap with security wpa3-sae, and assign it to the mesh-root FortiAP.

Note: The "Hash-to-Element (H2E) only" option is mandatory for the mesh backhaul.

On the mesh-leaf FortiAP CLI, input the following mesh settings:

cfg -a MESH_AP_TYPE=1

cfg -a MESH_AP_SSID=meshssidname

cfg -a MESH_AP_SECURITY=2

cfg -a MESH_AP_PASSWD=meshssidpassword

cfg -c

887980

Support a new data-channel security option "ipsec-sn".

The FortiAP serial number is added to the initial IPsec setup message so that it can be used by a dispatcher to query the destination FortiGate. Then the FortiAP will connect to the FortiGate and encrypt the data channel with an IPsec-VPN tunnel.

Region/country code update and DFS certification

Bug ID

Description

916055

Enable DFS channels for FAP-221E Gen3 and FAP-223E Gen3 with region code "K".

Changes in CLI

Bug ID

Description
903756

A new cfg variable MESH_AP_SECURITY is added for the security mode of mesh-backhaul SSID.

cfg -a MESH_AP_SECURITY=0 | 1 | 2

Input 0 for "Open", 1 for "WPA/WPA2-Personal", or 2 for "WPA3-SAE". The default value is 0.
Previous
Next

New features or enhancements

The following table includes FortiAP-W2 version 7.4.0 new features and enhancements:

Bug ID

Description

867684

Support WPA3-SAE security over the mesh backhaul.

On the FortiGate CLI (FortiOS 7.4.0), add one mesh-backhaul vap with security wpa3-sae, and assign it to the mesh-root FortiAP.

Note: The "Hash-to-Element (H2E) only" option is mandatory for the mesh backhaul.

On the mesh-leaf FortiAP CLI, input the following mesh settings:

cfg -a MESH_AP_TYPE=1

cfg -a MESH_AP_SSID=meshssidname

cfg -a MESH_AP_SECURITY=2

cfg -a MESH_AP_PASSWD=meshssidpassword

cfg -c

887980

Support a new data-channel security option "ipsec-sn".

The FortiAP serial number is added to the initial IPsec setup message so that it can be used by a dispatcher to query the destination FortiGate. Then the FortiAP will connect to the FortiGate and encrypt the data channel with an IPsec-VPN tunnel.

Region/country code update and DFS certification

Bug ID

Description

916055

Enable DFS channels for FAP-221E Gen3 and FAP-223E Gen3 with region code "K".

Changes in CLI

Bug ID

Description
903756

A new cfg variable MESH_AP_SECURITY is added for the security mode of mesh-backhaul SSID.

cfg -a MESH_AP_SECURITY=0 | 1 | 2

Input 0 for "Open", 1 for "WPA/WPA2-Personal", or 2 for "WPA3-SAE". The default value is 0.
Previous
Next