Fortinet Document Library

Version:

Version:

Version:

Version:

Version:


Table of Contents

FortiWiFi and FortiAP Configuration Guide

Configuring location tracking

You can enable location tracking in any FortiAP profile, using the CLI. Location tracking is part of location-based services. Set the station-locate field to enable. For example:

config wireless-controller wtp-profile

edit "FAP220B-locate"

set ap-country US

config platform

set type 220B

end

config lbs

set station-locate enable

end

end

Automatic deletion of outdated presence data

The FortiGate generates a log entry only the first time that station-locate detects a mobile client. No log is generated for clients that have been detected before. To log repeat client visits, previous station presence data must be deleted (flushed). The sta-locate-timer can flush this data periodically. The default period is 1800 seconds (30 minutes). The timer can be set to any value between 1 and 86400 seconds (24 hours). A setting of 0 disables the flush, meaning a client is logged only on the very first visit.

The timer is one of the wireless controller timers and it can be set in the CLI. For example:

config wireless-controller timers

set sta-locate-timer 1800

end

To avoid the duplication of logs, set the sta-locate-timer value to be more that the sta-capability-timer value (default 30 seconds).

FortiPresence push REST API

When the FortiGate is located on a private IP network, the FortiPresence server cannot poll the FortiGate for information. Instead, the FortiGate must be configured to push the information to the FortiPresence server.

Enter the following command:

config wireless-controller wtp-profile

edit "FP223B-GuestWiFi"

config lbs

set fortipresence {enable | disable}

set fortipresence-server <ip-address> Default is 3000.

set fortipresence-port <port>

set fortipresence-secret <password>

set fortipresence-project <name>

set fortipresence-frequency <5-65535> Default is 30.

set fortipresence-rogue {enable | disable} Enable/disable reporting of Rogue APs.

set fortipresence-unassoc {enable | disable} Enable/disable reporting of unassociated devices.

end

end

Configuring location tracking

You can enable location tracking in any FortiAP profile, using the CLI. Location tracking is part of location-based services. Set the station-locate field to enable. For example:

config wireless-controller wtp-profile

edit "FAP220B-locate"

set ap-country US

config platform

set type 220B

end

config lbs

set station-locate enable

end

end

Automatic deletion of outdated presence data

The FortiGate generates a log entry only the first time that station-locate detects a mobile client. No log is generated for clients that have been detected before. To log repeat client visits, previous station presence data must be deleted (flushed). The sta-locate-timer can flush this data periodically. The default period is 1800 seconds (30 minutes). The timer can be set to any value between 1 and 86400 seconds (24 hours). A setting of 0 disables the flush, meaning a client is logged only on the very first visit.

The timer is one of the wireless controller timers and it can be set in the CLI. For example:

config wireless-controller timers

set sta-locate-timer 1800

end

To avoid the duplication of logs, set the sta-locate-timer value to be more that the sta-capability-timer value (default 30 seconds).

FortiPresence push REST API

When the FortiGate is located on a private IP network, the FortiPresence server cannot poll the FortiGate for information. Instead, the FortiGate must be configured to push the information to the FortiPresence server.

Enter the following command:

config wireless-controller wtp-profile

edit "FP223B-GuestWiFi"

config lbs

set fortipresence {enable | disable}

set fortipresence-server <ip-address> Default is 3000.

set fortipresence-port <port>

set fortipresence-secret <password>

set fortipresence-project <name>

set fortipresence-frequency <5-65535> Default is 30.

set fortipresence-rogue {enable | disable} Enable/disable reporting of Rogue APs.

set fortipresence-unassoc {enable | disable} Enable/disable reporting of unassociated devices.

end

end