Skip to main content
markdr_FTNT
Staff
markdr_FTNT
Staff
September 16, 2025

Technical Tip: Detecting and identifying BLE devices with FortiAP/FortiGate

  • September 16, 2025
  • 0 replies
  • 803 views
Description

This article describes a step-by-step guide on how to enable 'Bluetooth Low Energy' (BLE) scanning on FortiAPs, and how to use FortiGate diagnostics to view nearby BLE devices.
Scope
  • FortiOS v7.2 and later.
  • FortiAP models with BLE hardware support (for example, FortiAP-231F, 234F, 431F, etc.).
Solution

For asset visibility, IoT device discovery, and location analytics integrations it can be useful to scan for BLE devices.

The required steps are as follows.

 

  1. Create a BLE profile.

The first step is to configure a BLE profile on the FortiGate (this is later attached to the FortiAP Profile):

 

config wireless-controller ble-profile
    edit "BLE-Scan"
        set scan enable
        set scan-period 60
        set scan-window 30
        set scan-interval 100
    next
end

 

  • scan enable – turns on BLE scanning.
  • scan-period – the duration of each scan, (in seconds).
  • scan-window and scan-interval – define how aggressively the FortiAP listens.

  1. Apply the BLE profile to a FortiAP profile.

Next, attach the new BLE profile to the Access Point profile that the FortiAP is using:

 

config wireless-controller wtp-profile
    edit "FAP-231F-profile"
        set ble-profile "BLE-Scan"
    next
end


If necessary, assign this FortiAP profile to the desired Access Points; if the profile is already in use by the FortiAP, this is not needed.

  1. Verify that BLE devices are detected.
    Assuming there are Bluetooth devices that are within range of the FortiAPs that now use the BLE profile, these devices can now be listed on the CLI.

 

Use the following diagnostic command to see devices scanned by the FortiAPs:

FGT # diagnose wireless-controller wlac -c ble-de


Sample output:

 

FGT # diagnose wireless-controller wlac -c ble-dev

 

BLE_DEV (002/003) vfid 000, mac 00:00:1B:00:B1:E5
    rssi : 1
    addr type : random
    name : Shelly1MiniG3
    manufacture : Xerox
    first seen : Sep 15 11:13
    last seen : Aug 03 05:34
    scanned by : FP234FTF12345678

BLE_DEV (003/003) vfid 000, mac 00:23:45:0B:00:B5
    rssi : -86
    addr type : public
    name : Shelly1PMMiniG3
    manufacture : Xerox
    first seen : Sep 15 11:13
    last seen : May 28 03:58
    scanned by : FP234FTF12345678

 

5. Interpretation of the output.

The fields in the above output correspond to the descriptions below:

 

  • mac – The Bluetooth device's MAC address (can be random or public).
  • rssi – The received signal strength indicator; higher (closer to 0) means nearer.
  • addr type – Public or random (depends on device advertising mode).
  • name – BLE advertising name (sometimes includes vendor/product).
  • manufacture - The vendor that made the BLE hardware (not always shown).
  • first/last seen – Useful for tracking presence and duration.
  • scanned by – The serial number of the Access Point that detected the Bluetooth device.

 

Use Cases.

Below are some suggested cases where this data could be useful:

 

  • IoT visibility: Detect smart plugs, sensors, wearables, or unknown devices.
  • Rogue device detection: Spot unexpected BLE radios in your environment.
  • Location tracking: If multiple FortiAPs hear the same device, approximate location via RSSI.
  • Integration: Export logs to FortiAnalyzer or FortiPresence for historical and analytics dashboards.

 

Notes:

  • BLE scan data is metadata only (MAC, RSSI, UUID, etc.). FortiGate does not proxy BLE traffic.
  • Ensure the FortiAP model supports BLE hardware.
  • For advertisement/beacon use cases (iBeacon/Eddystone), configure advertise enable in the BLE profile.
    Terms & ConditionsAccessibility statement