Fortinet black logo

FortiWiFi and FortiAP Configuration Guide

Home FortiAP / FortiWiFi 7.4.2 FortiWiFi and FortiAP Configuration Guide
7.4.2
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.1
7.2.0
7.0.4
7.0.2
7.0.1
7.0.0
6.4.6
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.2
6.2.0
6.0.5
6.0.4
6.0.3
5.6.4
5.4.3

Pole Star NAO Cloud service integration

Pole Star NAO Cloud service integration

Managed FortiAP units can be configured to scan Pole Star BLE asset tags and send the scanned data to the Pole Star's NAO Cloud. This enables wearable devices with BLE asset tags to communicate with FortiAPs via their built-in Bluetooth radios. The data forwarded to the cloud service is processed by Pole Star and analytics are generated to map the location of each asset.

To configure a Pole Star BLE profile - CLI:
config wireless-controller ble-profile
  edit "testpolestar"
    set ble-scanning enable
    set scan-type passive
    set scan-period 1000
    set scan-interval 30
    set scan-window 30
  next
end

scan-type

There are two types of scanning; active and passive.

  • Active BLE scanning: Send a scan request for additional information from the advertiser.
  • Passive BLE scanning: Only receive data from the advertising device.

Scan Type (default = active).

scan-threshold

Enter a minimum signal level/threshold in dBm required for the AP to report detected BLE device (-95 to -20, default = -90).

scan-period

The scan period is the total time for each round.

Enter an integer value from <1000> to <10000> (default = <4000>).

scan-time

The scan time is the duration in which the device stays in the scanning state.

Enter an integer value from <1000> to <10000> (default = <1000>).

scan-interval

The scan interval is the interval between the start of two consecutive scan windows.

Enter an integer value from <10> to <1000> (default = <50>).

scan-window

The scan window is the duration the Link layer scans on one channel.

Enter an integer value from <10> to <1000> (default = <50>)

Once you configure a BLE profile, you must apply the BLE profile to a FortiAP profile and then configure Pole Star server settings under location-based services (LBS) in the wtp-profile.

To configure Pole Star location-based services - CLI:
config wireless-controller wtp-profile
  edit "FAP431G-default"
    config platform
      set type 431G
    end
    set ble-profile "testpolestar"
    set handoff-sta-thresh 55
    config radio-1
      set band 802.11ax,n,g-only
    end
    config radio-2
      set band 802.11ax-5G
      set channel-bonding 40MHz
    end
    config radio-3
      set band 802.11ax-6G
      set channel-bonding 160MHz
    end
    config lbs
      set polestar enable
      set polestar-server-fqdn "ws-staging.nao-cloud.com"
      set polestar-server-token "nrhxj1qlmagx7dqakfihhw"
      set polestar-asset-uuid-list1 "1234*-*-*-*-12345*12"
      set polestar-asset-uuid-list2 "1234*-1234-1234-1234-123456789012"
      set polestar-asset-uuid-list3 "*-12*-*12-*-1234*55"
      set polestar-asset-uuid-list4 "12345678-1234-1234-1234-123456789012"
      set polestar-asset-addrgrp-list "pole-grp"
    end
  next
end
polestar Enable/disable Pole Star BLE NAO Track Real Time Location Service (RTLS) support (default = disable).
polestar-protocol Select the protocol to report Measurements, Advertising Data, or Location Data to NAO Cloud (default = WSS).
polestar-server-fqdn FQDN of Pole Star NAO Track Server (default = ws.nao-cloud.com).
polestar-server-path Path of Pole Star NAO Track Server (default = /v1/token/<access_token>/pst-v2).
polestar-server-token Access Token of Pole Star NAO Track Server.
polestar-server-port Port of Pole Star NAO Track Server (default = 443).

polestar-accumulation-interval

Time that measurements should be accumulated in seconds (default = 2).

polestar-reporting-interval

Time between reporting accumulated measurements in seconds (default = 2).

polestar-asset-uuid-list1

Tags and asset UUID list 1 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-uuid-list2

Tags and asset UUID list 2 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-uuid-list3

Tags and asset UUID list 3 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-uuid-list4

Tags and asset UUID list 4 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-addrgrp-list

Tags and asset addrgrp list to be reported.

The polestar-asset-addrgrp-list setting uses a FortiOS firewall address group to include MAC addresses of Pole Star BLE tags. Either individual MAC address or MAC address range can be supported. For example:

config firewall addrgrp
  edit "pole-grp"
    set member "addr-01" "addr-05"
  next
end
config firewall address
  edit "addr-01"
    set type mac
    set macaddr "ee:0f:4d:00:11:22"
  next
  edit "addr-05"
    set type mac
    set macaddr "ee:0f:4d:00:00:00-ff:ff:ff:00:00:00"
  next
To verify the configurations:

From the FortiAP CLI, enter the following diagnostic commands:

FortiAP-431G # cw_diag -c ble-config
WTP Bluetooth Low Energy Configuration:
        ble scan report interval  : 30
        advertising               :
        ibeacon_uuid              : 00000000-0000-0000-0000-000000000000
        major ID                  : 0
        minor ID                  : 0
        eddystone namespace ID    :
        eddystone instance ID     :
        eddystone URL             :
        txpower                   : 0
        beacon interval           : 100
        ble scanning              : enabled (mode=passive,thresh=-90,period=1000,time=1000,intv=30,wind=30)

BLE address: c4:39:8f:ef:5b:67
BLE oper pid: 17473
BLE conf pid: 17473

FortiAP-431G # cw_diag -c ble-polestar
BLE PoleStar Config:
   ps_enable = enabled
   ps_proto = WSS
   ps_server_fqdn = ws-staging.nao-cloud.com
   ps_server_path = /v1/token/<access_token>/pst-v2
   ps_server_token = nrhxj1qlmagx7dqakfihhw
   ps_server_port = 443
   ps_acc_intv = 2
   ps_rpt_intv = 2
   ps_addrgrp_uuid_policy = allow
       B001 12340000-0000-0000-0000-123450000012 - ffff0000-0000-0000-0000-fffff00000ff
       B002 12340000-1234-1234-1234-123456789012 - ffff0000-ffff-ffff-ffff-ffffffffffff
       B003 00000000-1200-0012-0000-123400000055 - 00000000-ff00-00ff-0000-ffff000000ff
       B004 12345678-1234-1234-1234-123456789012 - ffffffff-ffff-ffff-ffff-ffffffffffff
   ps_addrgrp_policy = allow
       S005 ee:0f:4d:00:11:22
       B006 ee:0f:4d:00:00:00 - ff:ff:ff:00:00:00
   ps_ble_dev_max_rpt = 128
   ps_ble_dev_max_batch = 64
Previous
Next

Pole Star NAO Cloud service integration

Managed FortiAP units can be configured to scan Pole Star BLE asset tags and send the scanned data to the Pole Star's NAO Cloud. This enables wearable devices with BLE asset tags to communicate with FortiAPs via their built-in Bluetooth radios. The data forwarded to the cloud service is processed by Pole Star and analytics are generated to map the location of each asset.

To configure a Pole Star BLE profile - CLI:
config wireless-controller ble-profile
  edit "testpolestar"
    set ble-scanning enable
    set scan-type passive
    set scan-period 1000
    set scan-interval 30
    set scan-window 30
  next
end

scan-type

There are two types of scanning; active and passive.

  • Active BLE scanning: Send a scan request for additional information from the advertiser.
  • Passive BLE scanning: Only receive data from the advertising device.

Scan Type (default = active).

scan-threshold

Enter a minimum signal level/threshold in dBm required for the AP to report detected BLE device (-95 to -20, default = -90).

scan-period

The scan period is the total time for each round.

Enter an integer value from <1000> to <10000> (default = <4000>).

scan-time

The scan time is the duration in which the device stays in the scanning state.

Enter an integer value from <1000> to <10000> (default = <1000>).

scan-interval

The scan interval is the interval between the start of two consecutive scan windows.

Enter an integer value from <10> to <1000> (default = <50>).

scan-window

The scan window is the duration the Link layer scans on one channel.

Enter an integer value from <10> to <1000> (default = <50>)

Once you configure a BLE profile, you must apply the BLE profile to a FortiAP profile and then configure Pole Star server settings under location-based services (LBS) in the wtp-profile.

To configure Pole Star location-based services - CLI:
config wireless-controller wtp-profile
  edit "FAP431G-default"
    config platform
      set type 431G
    end
    set ble-profile "testpolestar"
    set handoff-sta-thresh 55
    config radio-1
      set band 802.11ax,n,g-only
    end
    config radio-2
      set band 802.11ax-5G
      set channel-bonding 40MHz
    end
    config radio-3
      set band 802.11ax-6G
      set channel-bonding 160MHz
    end
    config lbs
      set polestar enable
      set polestar-server-fqdn "ws-staging.nao-cloud.com"
      set polestar-server-token "nrhxj1qlmagx7dqakfihhw"
      set polestar-asset-uuid-list1 "1234*-*-*-*-12345*12"
      set polestar-asset-uuid-list2 "1234*-1234-1234-1234-123456789012"
      set polestar-asset-uuid-list3 "*-12*-*12-*-1234*55"
      set polestar-asset-uuid-list4 "12345678-1234-1234-1234-123456789012"
      set polestar-asset-addrgrp-list "pole-grp"
    end
  next
end
polestar Enable/disable Pole Star BLE NAO Track Real Time Location Service (RTLS) support (default = disable).
polestar-protocol Select the protocol to report Measurements, Advertising Data, or Location Data to NAO Cloud (default = WSS).
polestar-server-fqdn FQDN of Pole Star NAO Track Server (default = ws.nao-cloud.com).
polestar-server-path Path of Pole Star NAO Track Server (default = /v1/token/<access_token>/pst-v2).
polestar-server-token Access Token of Pole Star NAO Track Server.
polestar-server-port Port of Pole Star NAO Track Server (default = 443).

polestar-accumulation-interval

Time that measurements should be accumulated in seconds (default = 2).

polestar-reporting-interval

Time between reporting accumulated measurements in seconds (default = 2).

polestar-asset-uuid-list1

Tags and asset UUID list 1 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-uuid-list2

Tags and asset UUID list 2 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-uuid-list3

Tags and asset UUID list 3 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-uuid-list4

Tags and asset UUID list 4 to be reported (string in the format of 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX').

polestar-asset-addrgrp-list

Tags and asset addrgrp list to be reported.

The polestar-asset-addrgrp-list setting uses a FortiOS firewall address group to include MAC addresses of Pole Star BLE tags. Either individual MAC address or MAC address range can be supported. For example:

config firewall addrgrp
  edit "pole-grp"
    set member "addr-01" "addr-05"
  next
end
config firewall address
  edit "addr-01"
    set type mac
    set macaddr "ee:0f:4d:00:11:22"
  next
  edit "addr-05"
    set type mac
    set macaddr "ee:0f:4d:00:00:00-ff:ff:ff:00:00:00"
  next
To verify the configurations:

From the FortiAP CLI, enter the following diagnostic commands:

FortiAP-431G # cw_diag -c ble-config
WTP Bluetooth Low Energy Configuration:
        ble scan report interval  : 30
        advertising               :
        ibeacon_uuid              : 00000000-0000-0000-0000-000000000000
        major ID                  : 0
        minor ID                  : 0
        eddystone namespace ID    :
        eddystone instance ID     :
        eddystone URL             :
        txpower                   : 0
        beacon interval           : 100
        ble scanning              : enabled (mode=passive,thresh=-90,period=1000,time=1000,intv=30,wind=30)

BLE address: c4:39:8f:ef:5b:67
BLE oper pid: 17473
BLE conf pid: 17473

FortiAP-431G # cw_diag -c ble-polestar
BLE PoleStar Config:
   ps_enable = enabled
   ps_proto = WSS
   ps_server_fqdn = ws-staging.nao-cloud.com
   ps_server_path = /v1/token/<access_token>/pst-v2
   ps_server_token = nrhxj1qlmagx7dqakfihhw
   ps_server_port = 443
   ps_acc_intv = 2
   ps_rpt_intv = 2
   ps_addrgrp_uuid_policy = allow
       B001 12340000-0000-0000-0000-123450000012 - ffff0000-0000-0000-0000-fffff00000ff
       B002 12340000-1234-1234-1234-123456789012 - ffff0000-ffff-ffff-ffff-ffffffffffff
       B003 00000000-1200-0012-0000-123400000055 - 00000000-ff00-00ff-0000-ffff000000ff
       B004 12345678-1234-1234-1234-123456789012 - ffffffff-ffff-ffff-ffff-ffffffffffff
   ps_addrgrp_policy = allow
       S005 ee:0f:4d:00:11:22
       B006 ee:0f:4d:00:00:00 - ff:ff:ff:00:00:00
   ps_ble_dev_max_rpt = 128
   ps_ble_dev_max_batch = 64
Previous
Next