Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Devices Managed by FortiOS

    Home FortiSwitch 6.4.2 Devices Managed by FortiOS
    6.4.2
    7.0.8
    7.0.4
    7.0.2
    7.0.1
    7.0.0
    6.4.5
    6.4.3
    6.4.2
    6.4.0
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.4
    6.0.3
    6.0.1
    6.0.0
    6.0.0
    3.6.3
    3.6.0
    3.5.4

    Whatʼs new in FortiOS 6.4.2

    Whatʼs new in FortiOS 6.4.2

    The following list contains new managed FortiSwitch features added in FortiOS 6.4.2. Click on a link to navigate to that section for further information.

    • FortiLink mode now supports FortiGate units in separate sites running in HA mode. See HA-mode FortiGate units in remote sites.
    • The 802.1x-authenticated user name is now reported in the FortiGate traffic log.
    • You can now use SNMP to retrieve the switch and port status:
      • OID: 1.3.6.1.4.1.12356.101.24.1.1.1
        FORTINET-FORTIGATE-MIB:fortinet.fnFortiGateMib.fgSw.fgSwDeviceInfo.fgSwDeviceTable.fgSwDeviceEntry
      • OID 1.3.6.1.4.1.12356.101.24.2.1.1
        FORTINET-FORTIGATE-MIB:fortinet.fnFortiGateMib.fgSw.fgSwPortInfo.fgSwPortTable.fgSwPortEntry
    • When you create a link aggregation group (LAG) in FortiLink mode, you can now select the aggregation mode for the trunk when the trunk is in LACP mode. Ports can be grouped into the aggregator with the largest bandwidth or the aggregator with the most ports. See Configuring a link aggregation group (LAG). Use the following CLI commands:

      config switch-controller managed-switch

      edit <FortiSwitch_serial_number>

      config ports

      edit <trunk_name>

      set type trunk

      set mode {lacp-passive | lacp-active}

      set aggregator-mode {bandwidth | count}

      set members <port1 port2 ...>

      next

      end

      end

      end

    • Explicit congestion notification (ECN) is now supported in FortiLink mode when the drop policy is weighted random early detection (WRED). See Configuring QoS with managed FortiSwitch units. Use the following CLI commands:

      config switch-controller qos queue-policy

      edit <QoS_egress_policy_name>

      config cos-queue

      edit queue-<number>

      set drop-policy weighted-random-early-detection

      set ecn enable

      next

      end

      next

      end

    • The RADIUS Service-Type attribute now supports sending multiple values in FortiLink mode. See RADIUS accounting support.

      config user radius

      edit <RADIUS_server_name>

      set switch-controller-service-type {administrative | authenticate-only | callback-administrative | callback-framed | callback-login | callback-nas-prompt | call-check | framed | login | nas-prompt | outbound}

      next

      end

    • The Precision Time Protocol (PTP) transparent-clock mode is now supported in FortiLink mode. See Configuring PTP transparent-clock mode.
    • The new Diagnostics and Tools form reports the general health of the FortiSwitch unit, displays details about the FortiSwitch unit, and allows you to run diagnostic tests. See Diagnostics and tools.
    • Interoperation with per-VLAN Rapid Spanning Tree Protocol (also known as Rapid PVSP or RPVST) is now supported on managed FortiSwitch units. See Configuring interoperation with per-VLAN RSTP.
    • When you define a FortiSwitch NAC policy, you can now specify a FortiClient EMS tag as the matching condition, which allows the NAC policy to match devices with the MAC address. See Creating an EMS-tag policy.
    • The number of FortiSwitch units supported by the FGT-1100E and FGT-1101E models has been increased from 128 to 196.
    • FortiLink mode now offers automated detection of conditions observed in the switch-controller and FortiSwitch network. Administrators can accept the configuration recommendations and have them automatically applied. See Optimizing the FortiSwitch network.
    Previous
    Next

    Whatʼs new in FortiOS 6.4.2

    Whatʼs new in FortiOS 6.4.2

    The following list contains new managed FortiSwitch features added in FortiOS 6.4.2. Click on a link to navigate to that section for further information.

    • FortiLink mode now supports FortiGate units in separate sites running in HA mode. See HA-mode FortiGate units in remote sites.
    • The 802.1x-authenticated user name is now reported in the FortiGate traffic log.
    • You can now use SNMP to retrieve the switch and port status:
      • OID: 1.3.6.1.4.1.12356.101.24.1.1.1
        FORTINET-FORTIGATE-MIB:fortinet.fnFortiGateMib.fgSw.fgSwDeviceInfo.fgSwDeviceTable.fgSwDeviceEntry
      • OID 1.3.6.1.4.1.12356.101.24.2.1.1
        FORTINET-FORTIGATE-MIB:fortinet.fnFortiGateMib.fgSw.fgSwPortInfo.fgSwPortTable.fgSwPortEntry
    • When you create a link aggregation group (LAG) in FortiLink mode, you can now select the aggregation mode for the trunk when the trunk is in LACP mode. Ports can be grouped into the aggregator with the largest bandwidth or the aggregator with the most ports. See Configuring a link aggregation group (LAG). Use the following CLI commands:

      config switch-controller managed-switch

      edit <FortiSwitch_serial_number>

      config ports

      edit <trunk_name>

      set type trunk

      set mode {lacp-passive | lacp-active}

      set aggregator-mode {bandwidth | count}

      set members <port1 port2 ...>

      next

      end

      end

      end

    • Explicit congestion notification (ECN) is now supported in FortiLink mode when the drop policy is weighted random early detection (WRED). See Configuring QoS with managed FortiSwitch units. Use the following CLI commands:

      config switch-controller qos queue-policy

      edit <QoS_egress_policy_name>

      config cos-queue

      edit queue-<number>

      set drop-policy weighted-random-early-detection

      set ecn enable

      next

      end

      next

      end

    • The RADIUS Service-Type attribute now supports sending multiple values in FortiLink mode. See RADIUS accounting support.

      config user radius

      edit <RADIUS_server_name>

      set switch-controller-service-type {administrative | authenticate-only | callback-administrative | callback-framed | callback-login | callback-nas-prompt | call-check | framed | login | nas-prompt | outbound}

      next

      end

    • The Precision Time Protocol (PTP) transparent-clock mode is now supported in FortiLink mode. See Configuring PTP transparent-clock mode.
    • The new Diagnostics and Tools form reports the general health of the FortiSwitch unit, displays details about the FortiSwitch unit, and allows you to run diagnostic tests. See Diagnostics and tools.
    • Interoperation with per-VLAN Rapid Spanning Tree Protocol (also known as Rapid PVSP or RPVST) is now supported on managed FortiSwitch units. See Configuring interoperation with per-VLAN RSTP.
    • When you define a FortiSwitch NAC policy, you can now specify a FortiClient EMS tag as the matching condition, which allows the NAC policy to match devices with the MAC address. See Creating an EMS-tag policy.
    • The number of FortiSwitch units supported by the FGT-1100E and FGT-1101E models has been increased from 128 to 196.
    • FortiLink mode now offers automated detection of conditions observed in the switch-controller and FortiSwitch network. Administrators can accept the configuration recommendations and have them automatically applied. See Optimizing the FortiSwitch network.
    Previous
    Next