Continued FortiAP operation when WiFi controller connection is down
The wireless controller, or the connection to it, might occasionally become unavailable. During such an outage, clients already associated with a bridge mode FortiAP unit continue to have access to the WiFi and wired networks. Optionally, the FortiAP unit can also continue to authenticate users if the SSID meets these conditions:
• Traffic Mode is Local bridge with FortiAP’s Interface.
In this mode, the FortiAP unit does not send traffic back to the wireless controller.
• Security Mode is either WPA/WPA2-Personal or Open.
These modes do not require the user database. In WPA/WPA2-Personal authentication, all clients use the same pre-shared key which is known to the FortiAP unit.
• Allow new client assocication when controller connection is down is enabled.
This field is available only if the other conditions have been met.
The “LANbridge” SSID example would be configured like this in the CLI:
config wireless-controller vap
edit "branchbridge"
set vdom "root"
set ssid "LANbridge"
set local-bridging enable
set security wpa-personal
set passphrase "Fortinet1"
set local-authentication enable
end