Enable telnet while connected to Fortigate
By default when a FortiAP is connected to it’s controller you lose the abililty to telnet to the AP. In order to gain access via telnet we’ll need to enable it in the controller profile.
In the controller CLI:
config wireless-controller wtp show edit <FAP serial number> set login-enable enable end
Disable Encryption between AP and Controller
By default CAPWAP communication between the AP and the Fortigate is encrypted. You may need to disable encryption in order troubleshoot issues. It will need to be disabled on both the AP and Fortigate.
On the AP:
cw_diag plain-ctl 1
On the Fortigate:
diagnose wireless-controller wlac plain-ctl 1