Fortinet black logo

FortiGate-6000 Handbook

Home FortiGate-6000 5.6.11 FortiGate-6000 Handbook
5.6.11
7.0.15
7.0.14
7.0.13
7.0.12
7.0.10
7.0.5
6.4.15
6.4.14
6.4.13
6.4.12
6.4.10
6.4.8
6.4.6
6.4.2
6.2.16
6.2.16
6.2.15
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.7
6.2.6
6.2.4
6.2.3
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12
6.0.10
6.0.9
6.0.8
6.0.6
6.0.4
5.6.14
5.6.12
5.6.11
5.6.7
5.4.10

What's new for FortiGate-6000 5.6.6

What's new for FortiGate-6000 5.6.6

The following new features have been added to FortiGate-6000 v5.6.6 build 4148:

  • Support for FortiOS 5.6.6 and most 5.6.6 features including FortiOS 5.6.6 GUI features.
  • You can configure new Resource Usage dashboard widgets to show CPU use, log rate, memory use, session creation rate, and the number of active sessions for the management board and for individual FPCs.
  • The Security Fabric dashboard widget shows high level status and configuration information for all of the FPCs.
  • The Sensor Information dashboard widget displays temperature, power supply (PSU), and fan speed information and allows you to drill down for more details, including information about individual temperature sensors, PSUs and fans.
  • DP3 firmware upgrade
  • VRRP support
  • The following FortiOS 5.6.6 features are not supported:
    • SD-WAN
    • Some IPsec VPN features
    • Policy learning mode
    • HA dedicated management interfaces

New IPsec VPN features

FortiOS 5.6.6 includes the following IPsec VPN improvements:

  • Including a phase 2 selector is no longer mandatory.
  • Dynamic routing (RIP, OSPF, BGP) is supported over IPsec VPN tunnels.

IPsec VPN features supported by FortiOS 5.6.6 for FortiGate-6000

FortiOS 5.6.6 for FortiGate-6000 supports the following IPsec VPN features.

  • Interface-based IPsec VPN (also called route-based IPsec VPN).
  • Static routes can point IPsec VPN interfaces.
  • Dynamic routing (RIP, OSPF, BGP) over IPsec VPN tunnels.
  • Remote networks with 16- to 32-bit netmasks.
  • IPsec VPN tunnels must terminate on the primary FPM (the ELBC master).
  • Site-to-Site IPsec VPN.
  • Dialup IPsec VPN. The FortiGate-6000 can be the dialup server or client.
  • IPv4 clear-text traffic (IPv4 over IPv4 or IPv4 over IPv6)

IPsec VPN features not supported by FortiOS 5.6.6 for FortiGate-6000

FortiOS 5.6.6 for FortiGate-6000 does not support the following IPsec VPN features.

  • Policy-based IPsec VPN.
  • Policy routes for VPN traffic.
  • Remote networks with 0- to 15-bit netmasks.
  • IPv6 clear-text traffic (IPv6 over IPv4 or IPv6 over IPv6).
  • Load-balancing IPsec VPN tunnels to multiple FPMs.
  • IPsec SA synchronization between both FortiGate-6000s in an HA configuration.
Previous
Next

What's new for FortiGate-6000 5.6.6

The following new features have been added to FortiGate-6000 v5.6.6 build 4148:

  • Support for FortiOS 5.6.6 and most 5.6.6 features including FortiOS 5.6.6 GUI features.
  • You can configure new Resource Usage dashboard widgets to show CPU use, log rate, memory use, session creation rate, and the number of active sessions for the management board and for individual FPCs.
  • The Security Fabric dashboard widget shows high level status and configuration information for all of the FPCs.
  • The Sensor Information dashboard widget displays temperature, power supply (PSU), and fan speed information and allows you to drill down for more details, including information about individual temperature sensors, PSUs and fans.
  • DP3 firmware upgrade
  • VRRP support
  • The following FortiOS 5.6.6 features are not supported:
    • SD-WAN
    • Some IPsec VPN features
    • Policy learning mode
    • HA dedicated management interfaces

New IPsec VPN features

FortiOS 5.6.6 includes the following IPsec VPN improvements:

  • Including a phase 2 selector is no longer mandatory.
  • Dynamic routing (RIP, OSPF, BGP) is supported over IPsec VPN tunnels.

IPsec VPN features supported by FortiOS 5.6.6 for FortiGate-6000

FortiOS 5.6.6 for FortiGate-6000 supports the following IPsec VPN features.

  • Interface-based IPsec VPN (also called route-based IPsec VPN).
  • Static routes can point IPsec VPN interfaces.
  • Dynamic routing (RIP, OSPF, BGP) over IPsec VPN tunnels.
  • Remote networks with 16- to 32-bit netmasks.
  • IPsec VPN tunnels must terminate on the primary FPM (the ELBC master).
  • Site-to-Site IPsec VPN.
  • Dialup IPsec VPN. The FortiGate-6000 can be the dialup server or client.
  • IPv4 clear-text traffic (IPv4 over IPv4 or IPv4 over IPv6)

IPsec VPN features not supported by FortiOS 5.6.6 for FortiGate-6000

FortiOS 5.6.6 for FortiGate-6000 does not support the following IPsec VPN features.

  • Policy-based IPsec VPN.
  • Policy routes for VPN traffic.
  • Remote networks with 0- to 15-bit netmasks.
  • IPv6 clear-text traffic (IPv6 over IPv4 or IPv6 over IPv6).
  • Load-balancing IPsec VPN tunnels to multiple FPMs.
  • IPsec SA synchronization between both FortiGate-6000s in an HA configuration.
Previous
Next