This document provides the following information for FortiSwitchOS 7.0.2 build 0049.
- Supported models
- Special notices
- Upgrade information
- Product integration and support
- Resolved issues
- Known issues
See the Fortinet Document Library for FortiSwitchOS documentation.
FortiSwitchOS 7.0.2 supports the following models:
|FortiSwitch 1xx||FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE|
|FortiSwitch 2xx||FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE|
|FortiSwitch 4xx||FS-424D, FS-424D-FPOE, FS-424D-POE, FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448D, FS-448D-FPOE, FS-448D-POE, FS-448E, FS-448E-POE, FS-448E-FPOE|
|FortiSwitch 5xx||FS-524D-FPOE, FS-524D, FS-548D, FS-548D-FPOE|
|FortiSwitch 1xxx||FS-1024D, FS-1048D, FS-1048E|
|FortiSwitch 3xxx||FS-3032D, FS-3032E|
|FortiSwitch Rugged||FSR-112D-POE, FSR-124D|
What’s new in FortiSwitchOS 7.0.2
Release 7.0.2 provides the following new features:
- New commands allow you to specify which IGMP-snooping and MLD-snooping groups are cleared:
execute clear switch igmp-snooping all
execute clear switch igmp-snooping group <multicast_IPv4_address>
execute clear switch igmp-snooping interface <interface_name>
execute clear switch igmp-snooping vlan <VLAN_ID>
execute clear switch mld-snooping all
execute clear switch mld-snooping group <multicast_IPv6_address>
execute clear switch mld-snooping interface <interface_name>
execute clear switch mld-snooping vlan <VLAN_ID>
- You can now sort each column on the Log > Entries page.
- As part of the existing support for RFC 1493, the following OIDs have been added:
dot1dBaseBridgeAddress .126.96.36.199.188.8.131.52.1.0 dot1dBaseNumPorts .184.108.40.206.220.127.116.11.2.0 dot1dBaseType .18.104.22.168.22.214.171.124.3.0 dot1dTpFdbTable
NOTE: dot1dbasePortDelayeExceededDiscards (.126.96.36.199.188.8.131.52.4.1.4) and dot1dBasePortMtuExceededDiscards (.184.108.40.206.220.127.116.11.4.1.5) are not supported.
- When DHCP snooping is enabled and a DHCP server is detected on an untrusted interface, a log entry is generated, either “A rogue DHCPv6 server has been detected on the interface” or “A rogue DHCP server has been detected on the interface.”
- You can now use RADIUS attributes to configure dynamic access control lists (DACLs) on 802.1x ports. DACLS are configured on a switch or saved on a RADIUS server. You can use DACLs to control traffic per user session or per port for switch ports directly connected to user clients. DACLs apply to hardware only when 802.1x authentication is successful.
- You can now specify the outer VLAN tag and COS queue number when configuring the access control list (ACL) policies on the FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE, FS-124F, FS-124F-POE, and FS-124F-FPOE models.
You can now enable or disable the learning-limit violation log in the GUI (Switch > MAC Limit).
- The MAC learning limit and the MAC learning limit violation log are now supported on the FSR-112D-POE.
- You can now specify that, when the MAC learning limit is exceeded, the interface that it is configured on will be disabled.
- You can now receive an SNMP trap message when the MAC learning limit is exceeded.
- NAC LAN segments are now supported on the FS-148F, FS-148F-POE, and FS-148F-FPOE models in FortiLink mode. FortiOS 7.0.1 or higher is required.
- You can now specify a range of multicast group addresses (IPv4) when configuring a Protocol Independent Multicast (PIM) multicast flow.
- The output of the
diagnose test authserver radiuscommand now includes the configured attribute-value pairs (AVPs).
- When you test the user credentials for a RADIUS server in the GUI (System > Authentication > RADIUS), the configured AVPs are now returned, along with the status of the connection and user credentials.
- You can now view if a module supports the diagnostic monitoring interface (DMI):
- The output of the
get switch modules statuscommand reports if a module does not support DMI.
- There is a new DMI column on the Module Summary page (Switch > Monitor > Modules).
- The output of the
Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.