wireless-controller wtp (5.4)

Use this command to configure various wireless transaction protocol (WTP) settings, inlcuding VAP override options and physical APs for management by the wireless controller, also known as an Access Controller (AC).

Note: Radio 2 settings are only available for FortiAP models with dual radios.

config {radio-1 | radio-2}

A configuration method to set various override options for Radio 1 and/or Radio 2.

override-band {enable | disable}

Enable or disable (by default) the override of a specific AP-mode radio band. When enabled, use the band entry to configure the band.

band {802.11b | 802.11g | 802.11n | 802.11n,g-only | 802.11g-only | 802.11n-only}

Note: This entry is only available when override-band is set to enable.

Band of AP-mode radio. Note that this entry becomes available at the same time as channel does. In order to set the band, channel must be empty. To do this, enter unset channel. The channel may then be set after the band.

override-txpower {enable | disable}

Enable or disable (by default) the override of transmission power. When enabled, use the auto-power-level and power-level entries to to configure further power level options.

auto-power-level {enable | disable}

Note: This entry is only available when override-txpower is set to enable.

Enable or disable (by default) automatic transmission power adjustment. When enabled, use the auto-power-high and auto-power-low entries to configure the high and low limitations. When disabled, use the power-level entry to configure the power level percentage.

auto-power-high <dBm>

Note: This entry is only available when override-txpower is set to enable and auto-power-level is then set to enable.

Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm. Set the value between 10-17. The default is set to 17.

auto-power-low <dBm>

Note: This entry is only available when override-txpower is set to enable and auto-power-level is then set to enable.

Automatic transmission power low limit in dBm. Set the value between 1-17. The default is set to 10.

power-level <percentage>

Note: This entry is only available when override-txpower is set to enable and auto-power-level is then set to disable.

Radio power level as a percentage; as such, set the value between 0-100. The default is set to 100.

The maximum power level (i.e. 100%) will set to the regulatory maximum for your region, as determined by the country entry under config wireless-controller setting.

override-vaps {enable | disable}

Enable or disable (by default) the override of VAPs. When enabled, use the vap-all and vaps entries to configure the VAPs carried on the physical AP.

vap-all {enable | disable}

Note: This entry is only available when override-vaps is set to enable.

Enable or disable (by default) the automatic inheritance of all VAPs. If disabled, you can select specific VAPs by using the vaps entry (see below).

vaps <vaps>

Note: This entry is only available when override-vaps is set to enable and vap-all is then set to disable.

Specific VAPs carried on this physical AP. Separate each value with a space to add multiple VAPs. Values can also be added using append.

override-channel {enable | disable}

Enable or disable (by default) the override of channels. When enabled, use the channel entry to enter the channels used by the AP.

channel {1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11}

Note: This entry is only available when either override-band or override-channel are set to enable.

Wireless radio channels to override. Separate each value with a space to add multiple channels. Values can also be added using append.


config split-tunneling-acl

Note: This configuration method is only available when split-tunneling-acl-local-ap-subnet is set to enable.

A configuration method to set various split tunneling access control list (ACL) filter lists.

dest-ip <ipv4>

IPv4 destination address to be added to the ACL filter.


config lan

Note: This configuration method is only available when override-lan is set to enable.

A configuration method to set WTP port mode.

port-mode {offline | nat-to-wan | bridge-to-wan | bridge-to-ssid}

LAN port mode:

  • offline: No port bridging (by default)
  • nat-to-wan: Bridge NAT to the incoming WAN interface
  • bridge-to-wan: Bridge all LAN ports to the WAN interface
  • bridge-to-ssid: Bridge all LAN ports to the SSID

admin {discovered | disable | enable}

Enable (by default) or disable the AC to provide service to this WTP, or have the WTP discovered through either discovery or join request messages.


name <name>

Name for the AP.


location <location>

Location of the AP.


wtp-profile <profile>

Name of the WTP profile to apply to this AP, as created under config wireless-controller wtp-profile.


wtp-mode {normal | remote}

AP operating mode: normal (by default) or remote.

A tunnel mode SSID can be assigned to an AP in normal mode but not remote mode, while a local-bridge mode SSID can be assigned to an AP in either normal mode or remote mode.


override-led-state {enable | disable}

Enable or disable (by default) the override of LED state. When enabled, use the led-state entry to enable or disable use of LEDs on WTP.


led-state {enable | disable}

Note: This entry is only available when override-led-state is set to enable.

Enable (by default) or disable the use of LEDs on WTP.


override-ip-fragment {enable | disable}

Enable or disable (by default) the override of IP fragmentation. When enabled, use the ip-fragment-preventing, tun-mtu-uplink, and tun-mtu-downlink entries to configure IP fragmentation settings.


ip-fragment-preventing {tcp-mss-adjust | icmp-unreachable}

Note: This entry is only available when override-ip-fragment is set to enable.

Method by which IP fragmentation is prevented for CAPWAP tunneled control and data packets:

  • tcp-mss-adjust: TCP maximum segment adjustment (by default).
  • icmp-unreachable: Drop packet and send an Internet Control Message Protocol (ICMP) Destination Unreachable error message.

tun-mtu-uplink <bytes>

Note: This entry is only available when override-ip-fragment is set to enable.

Uplink tunnel maximum transmission unit (MTU) in octets (eight-bit bytes). An MTU is the largest size packet or frame that can be sent in a packet.

Set the value to either 0 (by default), 576, or 1500.


tun-mtu-downlink <bytes>

Note: This entry is only available when override-ip-fragment is set to enable.

Downlink tunnel MTU in octets. Set the value to either 0 (by default), 576, or 1500.


override-split-tunnel {enable | disable}

Enable or disable (by default) to override split-tunneling. When enabled, use the split-tunneling-acl-local-ap-subnet entry to enable/disable the configuration of ACL filter lists.


split-tunneling-acl-local-ap-subnet {enable | disable}

Note: This entry is only available when override-split-tunnel is set to enable.

Enable or disable (by default) specified destinations to be accessed locally instead of through the WiFi controller. When enabled, the split-tunneling-acl configuration method will become available.


override-lan {enable | disable}

Enable or disable (by default) to override the WTP LAN port. When enabled, the lan configuration method will become available.


override-allowaccess {enable | disable}

Enable or disable (by default) to override management-access per protocol. When enabled, use the allowaccess entry to set the protocols permitted management-access.


allowaccess {telnet | http | https | ssh}

Note: This entry is only available when override-allowaccess is set to enable.

Protocols to allow management-access to managed APs: telnet, http, https, and ssh.

Separate each value with a space to add multiple protocols. Values can also be added using append.


override-login-passwd-change {enable | disable}

Enable or disable (by default) to override the login-password of managed APs. When enabled, use the login-passwd-change entry to determine password-change settings.


login-passwd-change {yes | default | no}

Note: This entry is only available when override-login-passwd-change is set to enable.

Login password options:

  • yes: Change login password of the managed AP
  • default: Reset login password to factory default
  • no: Do not change login password (by default)

image-download {enable | disable}

Enable (by default) or disable image download of WTP to the AP.

In addition, you can use the following command to import the WTP firmware file from a TFTP server:

execute wireless-controller upload-wtp-image tftp <filename> <TFTP server address>

mesh-bridge-enable {default | enable | disable}

Enable, disable, or use default (by default) mesh Ethernet bride local settings on the WTP (when the WTP is configured as a mesh branch-leaf AP).


coordinate-enable {enable | disable}

Enable or disable (by default) AP coordinates. When enabled, use the coordinate-x and coordinate-y entries to set the AP’s X and Y axes.


coordinate-x <string>

Note: This entry is only available when coordinate-enable is set to enable.

X axis coordinate of the AP.


coordinate-y <string>

Note: This entry is only available when coordinate-enable is set to enable.

Y axis coordinate of the AP.

Share this page:
Facebooktwittergoogle_pluslinkedinmail

Leave a Reply

Be the First to Comment!

avatar
wpDiscuz