Changes in CLI defaults
Routing
auxiliary-session {enable | disable}
option added at the VDOM level. Useauxiliary-session enable
to allow reply traffic to follow the best route instead of selecting the ingress interface in the original direction.
System
- Consolidate FortiTelemetry and
capwap
intofabric
to allow Security Fabric access insystem interface
.
Previous releases |
6.2.3 release |
---|---|
config system interface edit <Port number> set allowaccess capwap <== Removed set fortiheartbeat <== Removed next end |
config system interface edit <Port number> set allowaccess fabric <== New next end |
- Add
execute factoryreset-shutdown
to combine the functionality of thefactory-reset
andshutdown
commands. - Add more functions for SMC NTP and the ability to get information from SMC NTP:
config system smc-ntp <== New set ntpsync disable <== New set syncinterval 60 <== New set channel 5 <== New end
Web Filter
- Enable
file-filter
password protected blocked for 7Z, RAR, PDF, MSOffice, and MSOfficeX.
Previous releases |
6.2.3 release |
---|---|
config webfilter profile edit "encrypted-web" set comment '' set replacemsg-group '' unset options config file-filter set status enable set log enable set scan-archive-contents enable config entries edit "1" set comment '' set protocol http ftp set action log set direction any set password-protected yes set file-type "zip" <== only zip can be selected next end end next end |
config webfilter profile edit "encrypted-web" set comment '' set replacemsg-group '' unset options config file-filter set status enable set log enable set scan-archive-contents enable config entries edit "1" set comment '' set protocol http ftp set action log set direction any set password-protected yes set file-type "zip" "7z" "msoffice" "msofficex" "pdf" "rar" <==- changed next end end next end |
WiFi Controller
- FAP-U431F and FAP-U433F can support 802.11ax on 2.4 GHz
radio-2
when the platform mode issingle-5G
.
Previous releases |
6.2.3 release |
---|---|
config wireless-controller wtp-profile edit "FAPU431F-default" config platform set type U431F set mode single-5G end config radio-1 set band 802.11ax-5G end config radio-2 set band ? 802.11b 802.11b. 802.11g 802.11g/b. 802.11n 802.11n/g/b at 2.4GHz. 802.11n,g-only 802.11n/g at 2.4GHz. 802.11g-only 802.11g. 802.11n-only 802.11n at 2.4GHz. end config radio-3 set mode monitor end next end |
config wireless-controller wtp-profile edit "FAPU431F-default" config platform set type U431F set mode single-5G end config radio-1 set band 802.11ax-5G end config radio-2 set band ? 802.11b 802.11b. 802.11g 802.11g/b. 802.11n 802.11n/g/b at 2.4GHz. 802.11ax 802.11ax/n/g/b at 2.4GHz. <==added 802.11n,g-only 802.11n/g at 2.4GHz. 802.11g-only 802.11g. 802.11n-only 802.11n at 2.4GHz. 802.11ax,n-only 802.11ax/n at 2.4GHz. <==added 802.11ax,n,g-only 802.11ax/n/g at 2.4GHz. <==added 802.11ax-only 802.11ax at 2.4GHz.<==added end config radio-3 set mode monitor end next end |
Resolved Issues
Bug ID |
Description |
---|---|
497161 |
Add function for SMC NTP on supported platforms. config system smc-ntp set ntpsync enable set syncinterval 120 config ntpserver edit 1 set server 208.91.114.98 next end end |
574882 |
FAP-U431F and FAP-U433F can support 802.11ax on 2.4 GHz config wireless-controller wtp-profile edit "FAPU431F-default" config platform set type U431F set mode single-5G end config radio-1 set band 802.11ax-5G end config radio-2 set band 802.11ax end config radio-3 set mode monitor end next end |
579703 |
Add hidden config firewall policy edit 201 set uuid ec5fd00e-eadb-51e9-457d-db7097aab5a5 set srcintf "wan1" set dstintf "wan2" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "TCP_8080" set logtraffic disable set session-ttl never set nat enable next end |
582979 |
Add DPDK related CLI commands. config dpdk global set status [enable | disable] set multiqueue [enable | disable] set sleep-on-idle [enable | disable] set elasticbuffer [enable | disable] set hugepage-percentage [Percentage of main memory allocated to huge pages] set mbufpool-percentage [Percentage of main memory allocated to DPDK packet buffer] end config dpdk cpus set rx-cpus [CPUs enabled to run DPDK RX engines] set vnp-cpus [CPUs enabled to run DPDK VNP engines] set ips-cpus [CPUs enabled to run DPDK IPS engines] set tx-cpus [CPUs enabled to run DPDK TX engines] end |
586935 |
Add new |
588180 |
Consolidate config system interface edit port4 set allowaccess ? ping PING access. https HTTPS access. ssh SSH access. snmp SNMP access. http HTTP access. telnet TELNET access. fgfm FortiManager access. radius-acct RADIUS accounting access. probe-response Probe access. fabric Security Fabric access. ftm FTM access. next end |