Fortinet black logo

Administration Guide

Home FortiSASE Administration Guide

Select availability features

Select availability features

FortiSASE includes several features with select availability, which are features that are released but are not available by default for all customers. Following is a table that describes some of these features and the associated conditions when they are enabled on existing FortiSASE instances.

Select availability feature Description Enabled for new instances Can be enabled for existing instances* Associated conditions when enabled
Network restrictions removed Support for removing network restrictions for customer networks. Yes Yes When enabling this feature, FortiSASE service may be unavailable for brief periods of time. Up to a two-hour scheduled maintenance window required to complete the process.
Remove VPN user identification

Support unique SSL VPN IP address ranges per FortiSASE security PoP within the overall 100.65.0.0/16 range.

Remove source NAT (SNAT) for remote VPN user traffic destined for secure private access hubs.

 Yes Yes

When enabling this feature, data loss may be possible.

Resetting your FortiSASE instance to default may be required. If reset, your instance requires manual reconfiguration and a scheduled maintenance period to re-onboard remote users.

Supporting external identity provider (IdP) users External IdP users can log into FortiSASE with their company-provided user credentials using a third-party SAML IdP No Yes, limited beta in FortiCloud Involves a transition period from using FortiCloud IAM users to using external IdP users.

* A customer can request enabling a select availability feature for an existing FortiSASE instance by creating a new ticket with FortiCare Support.

Previous
Next

Select availability features

FortiSASE includes several features with select availability, which are features that are released but are not available by default for all customers. Following is a table that describes some of these features and the associated conditions when they are enabled on existing FortiSASE instances.

Select availability feature Description Enabled for new instances Can be enabled for existing instances* Associated conditions when enabled
Network restrictions removed Support for removing network restrictions for customer networks. Yes Yes When enabling this feature, FortiSASE service may be unavailable for brief periods of time. Up to a two-hour scheduled maintenance window required to complete the process.
Remove VPN user identification

Support unique SSL VPN IP address ranges per FortiSASE security PoP within the overall 100.65.0.0/16 range.

Remove source NAT (SNAT) for remote VPN user traffic destined for secure private access hubs.

 Yes Yes

When enabling this feature, data loss may be possible.

Resetting your FortiSASE instance to default may be required. If reset, your instance requires manual reconfiguration and a scheduled maintenance period to re-onboard remote users.

Supporting external identity provider (IdP) users External IdP users can log into FortiSASE with their company-provided user credentials using a third-party SAML IdP No Yes, limited beta in FortiCloud Involves a transition period from using FortiCloud IAM users to using external IdP users.

* A customer can request enabling a select availability feature for an existing FortiSASE instance by creating a new ticket with FortiCare Support.

Previous
Next