Transparent mode features
Different FortiOS features are available depending on whether your FortiGate is in transparent or NAT mode. The following table shows which features are available for each mode.
For a FortiGate in transparent mode, the maximum number of Interfaces per VDOM is 254. This value includes both physical and virtual interfaces. |
Feature |
NAT |
Transparent |
Comment |
---|---|---|---|
Unicast routing/policy-based routing |
Yes |
No |
|
VIP/IP pools/ NAT |
Yes |
Yes |
Configurable from CLI only in transparent mode |
Multicast routing |
Yes |
No |
Options are available to forward multicast packets |
L2 forwarding |
No |
Yes |
In transparent mode, other frames than IP can be forwarded, but only without security scanning |
Firewall (packet filtering/NAT/Authentication) |
Yes |
Yes |
|
IPv6 capable |
Yes |
Yes |
|
Traffic shaping (type of service) |
Yes |
Yes |
|
Hardware acceleration |
Yes |
Yes |
|
All security profile features (ex IPS, Application Control, Web Filtering, etc ...) |
Yes |
Yes |
|
Security Fabric |
Yes |
No |
|
FortiView |
Yes |
Yes |
|
IPsec VPN |
Yes |
Yes |
Only policy based IPsec VPNs are supported for transparent mode |
SSL VPN |
Yes |
No |
|
High availability (HA) - virtual cluster |
Yes |
Yes |
|
802.3ad (LACP/port aggregation) |
Yes |
Yes |
|
HA port redundancy |
Yes |
Yes |
FortiGate hardware dependent |
802.1q - VLAN trunking |
Yes |
Yes |
|
802.1d - spanning tree |
No |
No |
Option to forward VPDUs |
Logging and reporting (disk and memory logging, FortiCloud, syslog, and FortiAnalyzer) |
Yes |
Yes |
|
Managed by FortiManager |
Yes |
Yes |
|