Fortinet black logo

FortiAP Release Notes

Home FortiAP / FortiWiFi 7.0.2 FortiAP Release Notes
7.0.2
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0

New features or enhancements

New features or enhancements

The following table includes FortiAP version 7.0.2 new features and enhancements:

Bug ID

Description
670724 FortiAP accepts hexadecimal values of EddyStone namespace ID and instance ID in Bluetooth low energy (BLE) profile.
701339 FortiAP admin password supports up to 128 characters for local LOGIN_PASSWD variable and wtp/wtp-profile login-passwd configured from WiFi Controller.
702766 FortiAP supports the Release 3 of Hotspot 2.0.
713612 FortiPresence PUSH API update: FortiAP sends its region map information to FortiPresence server for positioning wireless stations.
718009 FortiAP can send log messages to a Syslog server.
731714 FortiAP can advertise its name, model, and/or serial number in the vendor specific element of beacon frames.
733596 When RADIUS-based MAC authentication is enabled, FortiAP can implement multiple pre-shared key (MPSK) authentication by checking passphrase together with MAC address of each client.
735630 FortiAP admin password requires a minimum of 5 characters and no longer allows blank password.
735632 From WiFi Controller wtp-profile configuration, FortiAP WAN port can be set as an 802.1X supplicant to authenticate to local infrastructure network using EAP protocols.
736558 FortiAP reports more information (SGI, bandwidth, max rate, PHY mode) of rogue APs to the FortiGate WiFi controller.

746045

FortiAP supports FQDN address mode of FortiPresence server configured from WiFi Controller.

Region/country code update and DFS certification

Bug ID

Description
730739, 750252 Supports DFS channels on FAP-231F with region code N (including Brazil) and S.
735175, 744412, 750252 Supports DFS channels on FAP-234F with region code J, N (including Brazil) and T.
733996, 735187, 751657 Supports DFS channels on FAP-23JF for region and A, J, N (including Brazil), S and T.
730759, 751585 Supports DFS channels on FAP-431F and FAP-433F with region code N (including Brazil) and S.
735187, 744395 Supports DFS channels on FAP-432F with region code N (including Brazil) and T.

720805, 748136, 749849

Supports DFS channels on FAP-831F with region code A, D, E, I, N (except Brazil), S, T, V and Y.

Changes in CLI

Bug ID

Description

577504

A stronger encryption has been adopted to better protect all password inputs, including LOGIN_PASSWD, AC_DISCOVERY_FCLD_PASSWD, MESH_AP_PASSWD and WAN_1X_PASSWD.
721033

The restore command has new options added for server type, tftp or ftp:

  • tftp: to download FAP firmware from a TFTP server.
  • ftp: to download FAP firmware from an FTP server.

If not explicitly set, it defaults to tftp, the same behavior as before.

restore [tftp] <FAP firmware name> <TFTP server IP>

restore ftp <FAP firmware name> <FTP server IP> <username> <password>

735632

When WiFi Controller won't overwrite FAP WAN port authentication, FAP can configure its own 802.1X supplicant locally.

New cfg variables:

WAN_1X_ENABLE

WAN port 802.1x supplicant enable/disable

[0(Disabled), 1(Enabled)]. default=0

WAN_1X_USERID

WAN port 802.1x supplicant user ID

WAN_1X_PASSWD

WAN port 802.1x supplicant password

WAN_1X_METHOD

WAN port 802.1x supplicant EAP methods

[0(EAP-ALL), 1(EAP-FAST), 2(EAP-TLS), 3(EAP-PEAP)]. default=0

Diagnose command:

cw_diag -c wan1x

cw_diag -c wan1x [show-ca-cert|show-client-cert|del-all|del-ca-cert|del-client-cert|del-private-key|[<get-ca-cert|get-client-cert|get-private-key> <TFTP server IP> <file name>]]

750308

A new command is added for FortiAP to upload Target Assert logs to a specified TFTP server.

cw_diag wlanfw-dump <TFTP server IP>

Previous
Next

New features or enhancements

The following table includes FortiAP version 7.0.2 new features and enhancements:

Bug ID

Description
670724 FortiAP accepts hexadecimal values of EddyStone namespace ID and instance ID in Bluetooth low energy (BLE) profile.
701339 FortiAP admin password supports up to 128 characters for local LOGIN_PASSWD variable and wtp/wtp-profile login-passwd configured from WiFi Controller.
702766 FortiAP supports the Release 3 of Hotspot 2.0.
713612 FortiPresence PUSH API update: FortiAP sends its region map information to FortiPresence server for positioning wireless stations.
718009 FortiAP can send log messages to a Syslog server.
731714 FortiAP can advertise its name, model, and/or serial number in the vendor specific element of beacon frames.
733596 When RADIUS-based MAC authentication is enabled, FortiAP can implement multiple pre-shared key (MPSK) authentication by checking passphrase together with MAC address of each client.
735630 FortiAP admin password requires a minimum of 5 characters and no longer allows blank password.
735632 From WiFi Controller wtp-profile configuration, FortiAP WAN port can be set as an 802.1X supplicant to authenticate to local infrastructure network using EAP protocols.
736558 FortiAP reports more information (SGI, bandwidth, max rate, PHY mode) of rogue APs to the FortiGate WiFi controller.

746045

FortiAP supports FQDN address mode of FortiPresence server configured from WiFi Controller.

Region/country code update and DFS certification

Bug ID

Description
730739, 750252 Supports DFS channels on FAP-231F with region code N (including Brazil) and S.
735175, 744412, 750252 Supports DFS channels on FAP-234F with region code J, N (including Brazil) and T.
733996, 735187, 751657 Supports DFS channels on FAP-23JF for region and A, J, N (including Brazil), S and T.
730759, 751585 Supports DFS channels on FAP-431F and FAP-433F with region code N (including Brazil) and S.
735187, 744395 Supports DFS channels on FAP-432F with region code N (including Brazil) and T.

720805, 748136, 749849

Supports DFS channels on FAP-831F with region code A, D, E, I, N (except Brazil), S, T, V and Y.

Changes in CLI

Bug ID

Description

577504

A stronger encryption has been adopted to better protect all password inputs, including LOGIN_PASSWD, AC_DISCOVERY_FCLD_PASSWD, MESH_AP_PASSWD and WAN_1X_PASSWD.
721033

The restore command has new options added for server type, tftp or ftp:

  • tftp: to download FAP firmware from a TFTP server.
  • ftp: to download FAP firmware from an FTP server.

If not explicitly set, it defaults to tftp, the same behavior as before.

restore [tftp] <FAP firmware name> <TFTP server IP>

restore ftp <FAP firmware name> <FTP server IP> <username> <password>

735632

When WiFi Controller won't overwrite FAP WAN port authentication, FAP can configure its own 802.1X supplicant locally.

New cfg variables:

WAN_1X_ENABLE

WAN port 802.1x supplicant enable/disable

[0(Disabled), 1(Enabled)]. default=0

WAN_1X_USERID

WAN port 802.1x supplicant user ID

WAN_1X_PASSWD

WAN port 802.1x supplicant password

WAN_1X_METHOD

WAN port 802.1x supplicant EAP methods

[0(EAP-ALL), 1(EAP-FAST), 2(EAP-TLS), 3(EAP-PEAP)]. default=0

Diagnose command:

cw_diag -c wan1x

cw_diag -c wan1x [show-ca-cert|show-client-cert|del-all|del-ca-cert|del-client-cert|del-private-key|[<get-ca-cert|get-client-cert|get-private-key> <TFTP server IP> <file name>]]

750308

A new command is added for FortiAP to upload Target Assert logs to a specified TFTP server.

cw_diag wlanfw-dump <TFTP server IP>

Previous
Next