Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Release Notes

    Home FortiSwitch 7.2.2 Release Notes
    7.2.2
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    3.6.12
    3.6.11
    3.6.10
    3.6.9
    3.6.8
    3.6.7
    3.6.6
    3.6.5
    3.6.4
    3.6.3
    3.6.2
    3.6.1
    3.6.0
    3.5.6
    3.5.5
    3.5.4
    3.5.3
    3.5.2
    3.5.1
    3.5.0
    3.4.3
    3.4.2
    3.4.1
    3.4.0
    3.3.3
    3.3.2
    3.3.1

    Introduction

    Introduction

    This document provides the following information for FortiSwitchOS 7.2.2 build 0419.

    See the Fortinet Document Library for FortiSwitchOS documentation.

    Supported models

    FortiSwitchOS 7.2.2 supports the following models:

    FortiSwitch 1xx FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE
    FortiSwitch 2xx FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE
    FortiSwitch 4xx FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448E, FS-448E-POE, FS-448E-FPOE
    FortiSwitch 5xx FS-524D, FS-524D-FPOE, FS-548D, FS-548D-FPOE
    FortiSwitch 1xxx FS-1024D, FS-1024E, FS-1048E, FS-T1024E
    FortiSwitch 3xxx FS-3032E
    FortiSwitch Rugged FSR-112D-POE, FSR-124D

    What’s new in FortiSwitchOS 7.2.2

    Release 7.2.2 provides the following new features:

    • You can now specify static entries for DHCP snooping and DAI by manually associating an IP address with a MAC address in the CLI.

    • You can now override the global option-82 setting for DHCP requests by specifying plain text strings for the Circuit ID field and the Remote ID field for a specific VLAN on a port.

    • You can now use the GUI to configure MLD snooping on FortiSwitch VLANs.

    • You can now use the following wildcard characters in the set value command for the automation trigger used for an automation stitch:

      • Use an asterisk to match any character string of any length, including 0-characters long. For example, use set value "*1567*" to match values of 81567 and 156789.

      • Use square brackets to match one of the multiple characters. For example, use set value "[aA]dmin" to match values of admin and Admin.

    • You can now configure multiple fields for the automation trigger used for an automation stitch when the event-type is event-log and the logid is set. The action is only performed if all conditions are valid (using AND logic).

    • You can use a new CLI command to change how a FortiSwitch unit with Power over Ethernet (PoE) disconnects from a powered device:

      config switch physical-port

      edit <port_name>

      set poe-disconnection-type {AC | DC | DC-delay}

      next

      end

    • VXLAN tunnels are now supported on FS-3032E.

    • If an unverified firmware image is uploaded to FortiSwitchOS, the following warning is displayed in the GUI: “WARNING: This firmware failed signature validation.”

    • You can now display IPv4 and IPv6 routes by VRF instance on the Router > Monitor > Routing and Router > Monitor > IPv6 Routing pages.

    • The default value for the set dhcp-snoop-client-req command (under config system global) is now drop-untrusted, instead of forward-untrusted.

    • The new set ebgp-requires-policy command (under config router bgp) is set to enable by default, which prevents the BGP router from learning or advertising prefixes from or to its eBGP peers.

    • Under the config router ospf command, set ucast-ttl has been renamed to set ttl. This setting now applies to multicast OSPF packets, as well as unicast OSPF packets.

    Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

    Previous
    Next

    Introduction

    Introduction

    This document provides the following information for FortiSwitchOS 7.2.2 build 0419.

    See the Fortinet Document Library for FortiSwitchOS documentation.

    Supported models

    FortiSwitchOS 7.2.2 supports the following models:

    FortiSwitch 1xx FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE
    FortiSwitch 2xx FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE
    FortiSwitch 4xx FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448E, FS-448E-POE, FS-448E-FPOE
    FortiSwitch 5xx FS-524D, FS-524D-FPOE, FS-548D, FS-548D-FPOE
    FortiSwitch 1xxx FS-1024D, FS-1024E, FS-1048E, FS-T1024E
    FortiSwitch 3xxx FS-3032E
    FortiSwitch Rugged FSR-112D-POE, FSR-124D

    What’s new in FortiSwitchOS 7.2.2

    Release 7.2.2 provides the following new features:

    • You can now specify static entries for DHCP snooping and DAI by manually associating an IP address with a MAC address in the CLI.

    • You can now override the global option-82 setting for DHCP requests by specifying plain text strings for the Circuit ID field and the Remote ID field for a specific VLAN on a port.

    • You can now use the GUI to configure MLD snooping on FortiSwitch VLANs.

    • You can now use the following wildcard characters in the set value command for the automation trigger used for an automation stitch:

      • Use an asterisk to match any character string of any length, including 0-characters long. For example, use set value "*1567*" to match values of 81567 and 156789.

      • Use square brackets to match one of the multiple characters. For example, use set value "[aA]dmin" to match values of admin and Admin.

    • You can now configure multiple fields for the automation trigger used for an automation stitch when the event-type is event-log and the logid is set. The action is only performed if all conditions are valid (using AND logic).

    • You can use a new CLI command to change how a FortiSwitch unit with Power over Ethernet (PoE) disconnects from a powered device:

      config switch physical-port

      edit <port_name>

      set poe-disconnection-type {AC | DC | DC-delay}

      next

      end

    • VXLAN tunnels are now supported on FS-3032E.

    • If an unverified firmware image is uploaded to FortiSwitchOS, the following warning is displayed in the GUI: “WARNING: This firmware failed signature validation.”

    • You can now display IPv4 and IPv6 routes by VRF instance on the Router > Monitor > Routing and Router > Monitor > IPv6 Routing pages.

    • The default value for the set dhcp-snoop-client-req command (under config system global) is now drop-untrusted, instead of forward-untrusted.

    • The new set ebgp-requires-policy command (under config router bgp) is set to enable by default, which prevents the BGP router from learning or advertising prefixes from or to its eBGP peers.

    • Under the config router ospf command, set ucast-ttl has been renamed to set ttl. This setting now applies to multicast OSPF packets, as well as unicast OSPF packets.

    Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

    Previous
    Next