- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiAP
FortiAP devices are thin wireless access points (AP) supporting the latest Wi-Fi technologies (multi-user MIMO 802.11ac Wave 1 and Wave 2, 4x4), as well as 802.11n, 802.11AX , and the demand for plug and play deployment.
- Fortinet Community
- Knowledge Base
- FortiAP
- Troubleshooting tip: Data to be captured for wifi ...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Description
Solution
This article explains which data should be captured for wifi performance issue troubleshooting. This data should be prepared before opening a ticket with the Fortinet TAC.
Data collection should be performed during both off-peak and peak hours in order to obtain a comparison.
Data collection should be performed during both off-peak and peak hours in order to obtain a comparison.
Solution
Data needs to be captured for one test laptop connected to SSID. From the test PC, send continuous ping to wifi gateway IP.
On the FortiGate GUI, take screenshots of “Wireless Health” > “client count over time” (screenshot of 1h, 1 day and 30 days must be captured).
On the FortiGate GUI, locate the test PC > “client monitor” – filter on “device” using test PC’s MAC address. Take a screenshot of this output.
On the GUI, click on “Managed FortiAPs” and make sure “join-time” columns is selected. Take a screenshot.
Capture the following debug information (output must be logged to a file)
# diagnose wireless-controller wlac -d wtp
# diagnose wireless-controller wlac -c wtp
# diagnose wireless-controller wlac -d sta
The information captured above required to verify the status of the network when capturing the debug.
The live debug will start from now:
Set the admin time out to 480 minutes to avoid unexpected putty session time outs,this can be reverted back to defaults after capturing data.
A- On the FortiAP
1) Open a first telnet session to the FortiAP where the test PC is connected and capture dmesg on the FortiAP session must be logged to a file (dmesgbeforepeak.log and dmesgdureinpeak.log)
# cw_diag repeat 10000 1 "dmesg -c"
This command will continuously capture the dmesg on the FortiAP and prompt will be returned after 10000 counts If there is any ping lost, it should be captured on this output.
2) At the same time, open another telnet session to the FortiAP and capture cw_debug on the FortiAP, the session must be logged to a file (cwdebug.log before and during peak hours)
FAP# # cw_debug on
FAP# # cw_debug app cwWtpd 0x7fff
B- Air sniffer
At the same time, a wireless sniffer must be taken nearby the test PC. Make sure there is NO filter on the air sniffer. Channel must be set to the one used by the test PC (association to FortiAP).
Please refer to the related article "Sniffing wireless between FortiAP and wireless client.
C- On the FortiGate
At the same time, on the FortiGate, the following information must be captured:
- debug cw_acd on the FortiGate from SSH
- sniffer trace on the FortiGate from SSH - session must be logged to a file
In order to filter traffic of FortiAP where the test PC is connected, the following must be done (this is an example) using
# diag wireless-controller wlac -c ws
Find the FAP WTP session of the FAP used by test PC.
[This is the output taken from a lab as an example]
-------------------------------WTP SESSION 2----------------------------
WTP session : 0-192.168.222.82:5246 CWAS_RUN impacted FAP session
indev : 4(wan2)
in_ifIdx : 4(wan2)
mesh uplink : ethernet
id : FP221B3X11000009
Using the output above use the following diag command to turn on filter:
# diagnose wireless-controller wlac wtp_filter FP221B3X11000009 0-192.168.222.82:5246 4
Then the following debug can be enabled
# diag debug console timestamp enable
# diag debug application cw_acd 0x7fff
# diag debug enable
Note:-As soon you enable above commands you will see lot of logs coming up, but you can copy and paste below sniffer commands on same window without any error
Sniffer trace must be capture at the same time on the same ssh session:
# diagnose sniffer packet any "host" 6 0 a
The output must be capture to a file (FGT.log before and during peak)
D- Collect ping test results on STA(test PC).
While ping is running, take screenshot whenever there is a ping loss and paste it on a word file with file name as sta_ping_log. Make sure ping timeouts and laptop time are visible on screenshots.
Leave the debug (A, B, C and D) running during the time that the problem is present. Duration of the capture will depend on the presence of the problem (ping loss)
If issue is not occuring in 5 to 10 minutes time, start saving logs to a new file and ignore the old file.
To troubleshoot this issue capture during problem state only will be helpful.
To analyze the data open a support ticket and attach the zipped data along with latest config file.
On the FortiGate GUI, take screenshots of “Wireless Health” > “client count over time” (screenshot of 1h, 1 day and 30 days must be captured).
On the FortiGate GUI, locate the test PC > “client monitor” – filter on “device” using test PC’s MAC address. Take a screenshot of this output.
On the GUI, click on “Managed FortiAPs” and make sure “join-time” columns is selected. Take a screenshot.
Capture the following debug information (output must be logged to a file)
# diagnose wireless-controller wlac -d wtp
# diagnose wireless-controller wlac -c wtp
# diagnose wireless-controller wlac -d sta
The information captured above required to verify the status of the network when capturing the debug.
The live debug will start from now:
Set the admin time out to 480 minutes to avoid unexpected putty session time outs,this can be reverted back to defaults after capturing data.
A- On the FortiAP
1) Open a first telnet session to the FortiAP where the test PC is connected and capture dmesg on the FortiAP session must be logged to a file (dmesgbeforepeak.log and dmesgdureinpeak.log)
# cw_diag repeat 10000 1 "dmesg -c"
This command will continuously capture the dmesg on the FortiAP and prompt will be returned after 10000 counts If there is any ping lost, it should be captured on this output.
2) At the same time, open another telnet session to the FortiAP and capture cw_debug on the FortiAP, the session must be logged to a file (cwdebug.log before and during peak hours)
FAP# # cw_debug on
FAP# # cw_debug app cwWtpd 0x7fff
B- Air sniffer
At the same time, a wireless sniffer must be taken nearby the test PC. Make sure there is NO filter on the air sniffer. Channel must be set to the one used by the test PC (association to FortiAP).
Please refer to the related article "Sniffing wireless between FortiAP and wireless client.
C- On the FortiGate
At the same time, on the FortiGate, the following information must be captured:
- debug cw_acd on the FortiGate from SSH
- sniffer trace on the FortiGate from SSH - session must be logged to a file
In order to filter traffic of FortiAP where the test PC is connected, the following must be done (this is an example) using
# diag wireless-controller wlac -c ws
Find the FAP WTP session of the FAP used by test PC.
[This is the output taken from a lab as an example]
-------------------------------WTP SESSION 2----------------------------
WTP session : 0-192.168.222.82:5246 CWAS_RUN impacted FAP session
indev : 4(wan2)
in_ifIdx : 4(wan2)
mesh uplink : ethernet
id : FP221B3X11000009
Using the output above use the following diag command to turn on filter:
# diagnose wireless-controller wlac wtp_filter FP221B3X11000009 0-192.168.222.82:5246 4
Then the following debug can be enabled
# diag debug console timestamp enable
# diag debug application cw_acd 0x7fff
# diag debug enable
Note:-As soon you enable above commands you will see lot of logs coming up, but you can copy and paste below sniffer commands on same window without any error
Sniffer trace must be capture at the same time on the same ssh session:
# diagnose sniffer packet any "host
The output must be capture to a file (FGT.log before and during peak)
D- Collect ping test results on STA(test PC).
While ping is running, take screenshot whenever there is a ping loss and paste it on a word file with file name as sta_ping_log. Make sure ping timeouts and laptop time are visible on screenshots.
Leave the debug (A, B, C and D) running during the time that the problem is present. Duration of the capture will depend on the presence of the problem (ping loss)
If issue is not occuring in 5 to 10 minutes time, start saving logs to a new file and ignore the old file.
To troubleshoot this issue capture during problem state only will be helpful.
To analyze the data open a support ticket and attach the zipped data along with latest config file.
Related Articles
Technical Note : Sniffing wireless between FortiAP and wireless Client before 5.0
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.