Its sometime get tough troubleshooting an AP Reboot issue. While troubleshooting Fortinet WiFi APs, You might need to capture the AP flash event log to identify the cause of reboot. However, some time AP flash space ran out already storing Maximum logs files(This could happen if AP is Up and running log time in production or there are many events happening in AP that filled up the space soon). In this case you might need to clear those flash log space, so it can store the latest/ fresh log files.
This is needed because you making sure that those are latest logs of the crash/reboot happened.
#You run the following command on AP to clear the old flash logs:
file areaerase logk0
file areaerase logk1
#You run the following command to read the flashlogs in the AP:
flashcmds show logk0
flashcmds show logk1
However, Incase of big deployments where you cannot run this on each AP separately and also without causing WIFI service disruption you have to run this at-least on a bunch of AP to save your time. We have something called “system commander” where you will be executing a script to clear those AP flash logs.
Step1:
To use the system commander tool you have to enable telnet on the controller.
FortiWLC# configure terminal
FortiWLC(config)# telnet enable
Step2:
Please create a folder on the c drive of your computer and copy these two files shared on the link below:
https://www.dropbox.com/s/82ir713iegxj0tt/SystemCommandExecutor_Ver14.exe?dl=0
https://www.dropbox.com/s/otrkiobxmhnhq4y/SystemCommands_AP.txt?dl=0
Step3:
Run the following commands from your computer command prompt window.
SYNTAX: cfolder_name SystemCommandExecutor_Ver14.exe -c ipaddressofcontroller-username-password -o 4 -a APMODEL -l 1
Example for AP822s:
C:\PRAVEEN>SystemCommandExecutor_Ver14.exe -c 192.168.10.3-admin-admin -o 4 -a AP822 -l 1
Explanation:
The folder name is the name of the folder in which you have saved the files(SystemCommands_AP.txt) on c drive. The username and password are the login credentials of the controller. The logs will be saved in the same folder on c drive once the loop is completed.
If you look at the syntax it has AP model mentioned in that so please choose the AP model accordingly, depending on for which AP you want to collect the logs.
* For any and all AP reboots we need to run this to gather AP reboot logs (file areaerase logk0/logk1)
* After collecting Disable Telnet
1. On the command prompt we need to specify AP model. Since we can only collect with particular AP type. If customer has mixed AP environment we need to collect separately for each AP model.
2. If we have any AP which is disable offline. Make sure to delete that entry before running System commander, since loop will end at that point and we don’t have option to start again from there. (Ex: If we have 100 AP on network and AP ID 44 is offline, loop will end at AP Id 44)
Addon :You can add more commands on the script file(SystemCommands_AP.txt) to execute and get to collect a dump of those command output’s too.
Journey in Cyber Security and Wi-Fi Engineering 