DOCUMENT LIBRARY

FortiGate / FortiOS

FortiOS Release Notes

Home FortiGate / FortiOS 6.4.1 FortiOS Release Notes

6.4.1

Changes in CLI

Changes in CLI

Bug ID	Description
466868	The `vap-all` options for `wtp-profile` and `wtp` (with `override-vaps enabled`) have changed to `tunnel`, `bridge`, and `manual`. config wireless-controller wtp-profile edit FAP-Profile config radio-1 set vap-all {tunnel \| bridge \| manual} end next end The `wtp-mode` setting was removed from `config wireless-controller wtp`. The traffic mode for FortiAP, tunnel or bridge, is automatically determined by the SSID selection.
603846	Support DNS-over-TLS connections to FortiGuard secure DNS server. Options are only available when `fortiguard-anycast` is enabled. config system fortiguard set fortiguard-anycast enable set fortiguard-anycast-source fortinet <==added set anycast-sdns-server-ip 0.0.0.0 <==added set anycast-sdns-server-port 853 <==added end
605817	Add support for IBM Cloud SDN connector. FortiGates can define dynamic firewall addresses obtained from the IBM Cloud. config system sdn-connector edit <ibm-connector> set type ibm <==added set api-key <key> set compute-generation <gen> set ibm-region-gen1 <region> next end config firewall address edit <dynamic address> set type dynamic set sub-type sdn set sdn <ibm-connector> set filter <filter> <==added next end
613730	Add `subscription-id` attribute for route table in Azure SDN configuration to allow route table updating in a different subscription. config system sdn-connector edit "azsdn" config route-table edit "xxxxxxxxx-rtb1" set subscription-id "xxxxxxxxxxxxxxx" <==added set resource-group "xxxxxxxxx" config route edit "internal-forward" set next-hop "172.28.5.4" next end next end end
616335	For VMware NSX SDN connector, add new CLI to support vCenter credentials so FortiGate can resolve NSX-T VMs and apply an NSX automation stitch to it. config system sdn-connector edit <nsx server> set vcenter-server <server> set vcenter-username <username> set vcenter-password <password> next end
625840	Add `diagnose system top-all` to show kernel process.

Previous

Next

Changes in CLI

Changes in CLI

Bug ID	Description
466868	The `vap-all` options for `wtp-profile` and `wtp` (with `override-vaps enabled`) have changed to `tunnel`, `bridge`, and `manual`. config wireless-controller wtp-profile edit FAP-Profile config radio-1 set vap-all {tunnel \| bridge \| manual} end next end The `wtp-mode` setting was removed from `config wireless-controller wtp`. The traffic mode for FortiAP, tunnel or bridge, is automatically determined by the SSID selection.
603846	Support DNS-over-TLS connections to FortiGuard secure DNS server. Options are only available when `fortiguard-anycast` is enabled. config system fortiguard set fortiguard-anycast enable set fortiguard-anycast-source fortinet <==added set anycast-sdns-server-ip 0.0.0.0 <==added set anycast-sdns-server-port 853 <==added end
605817	Add support for IBM Cloud SDN connector. FortiGates can define dynamic firewall addresses obtained from the IBM Cloud. config system sdn-connector edit <ibm-connector> set type ibm <==added set api-key <key> set compute-generation <gen> set ibm-region-gen1 <region> next end config firewall address edit <dynamic address> set type dynamic set sub-type sdn set sdn <ibm-connector> set filter <filter> <==added next end
613730	Add `subscription-id` attribute for route table in Azure SDN configuration to allow route table updating in a different subscription. config system sdn-connector edit "azsdn" config route-table edit "xxxxxxxxx-rtb1" set subscription-id "xxxxxxxxxxxxxxx" <==added set resource-group "xxxxxxxxx" config route edit "internal-forward" set next-hop "172.28.5.4" next end next end end
616335	For VMware NSX SDN connector, add new CLI to support vCenter credentials so FortiGate can resolve NSX-T VMs and apply an NSX automation stitch to it. config system sdn-connector edit <nsx server> set vcenter-server <server> set vcenter-username <username> set vcenter-password <password> next end
625840	Add `diagnose system top-all` to show kernel process.

Previous

Next