Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Introduction

This document provides the following information for FortiSwitchOS 7.2.2 build 0419.

See the Fortinet Document Library for FortiSwitchOS documentation.

Supported models

FortiSwitchOS 7.2.2 supports the following models:

FortiSwitch 1xx FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE
FortiSwitch 2xx FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE
FortiSwitch 4xx FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448E, FS-448E-POE, FS-448E-FPOE
FortiSwitch 5xx FS-524D, FS-524D-FPOE, FS-548D, FS-548D-FPOE
FortiSwitch 1xxx FS-1024D, FS-1024E, FS-1048E, FS-T1024E
FortiSwitch 3xxx FS-3032E
FortiSwitch Rugged FSR-112D-POE, FSR-124D

What’s new in FortiSwitchOS 7.2.2

Release 7.2.2 provides the following new features:

  • You can now specify static entries for DHCP snooping and DAI by manually associating an IP address with a MAC address in the CLI.

  • You can now override the global option-82 setting for DHCP requests by specifying plain text strings for the Circuit ID field and the Remote ID field for a specific VLAN on a port.

  • You can now use the GUI to configure MLD snooping on FortiSwitch VLANs.

  • You can now use the following wildcard characters in the set value command for the automation trigger used for an automation stitch:

    • Use an asterisk to match any character string of any length, including 0-characters long. For example, use set value "*1567*" to match values of 81567 and 156789.

    • Use square brackets to match one of the multiple characters. For example, use set value "[aA]dmin" to match values of admin and Admin.

  • You can now configure multiple fields for the automation trigger used for an automation stitch when the event-type is event-log and the logid is set. The action is only performed if all conditions are valid (using AND logic).

  • You can use a new CLI command to change how a FortiSwitch unit with Power over Ethernet (PoE) disconnects from a powered device:

    config switch physical-port

    edit <port_name>

    set poe-disconnection-type {AC | DC | DC-delay}

    next

    end

  • VXLAN tunnels are now supported on FS-3032E.

  • If an unverified firmware image is uploaded to FortiSwitchOS, the following warning is displayed in the GUI: “WARNING: This firmware failed signature validation.”

  • You can now display IPv4 and IPv6 routes by VRF instance on the Router > Monitor > Routing and Router > Monitor > IPv6 Routing pages.

  • The default value for the set dhcp-snoop-client-req command (under config system global) is now drop-untrusted, instead of forward-untrusted.

  • The new set ebgp-requires-policy command (under config router bgp) is set to enable by default, which prevents the BGP router from learning or advertising prefixes from or to its eBGP peers.

  • Under the config router ospf command, set ucast-ttl has been renamed to set ttl. This setting now applies to multicast OSPF packets, as well as unicast OSPF packets.

Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.

Introduction

This document provides the following information for FortiSwitchOS 7.2.2 build 0419.

See the Fortinet Document Library for FortiSwitchOS documentation.

Supported models

FortiSwitchOS 7.2.2 supports the following models:

FortiSwitch 1xx FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE
FortiSwitch 2xx FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE
FortiSwitch 4xx FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448E, FS-448E-POE, FS-448E-FPOE
FortiSwitch 5xx FS-524D, FS-524D-FPOE, FS-548D, FS-548D-FPOE
FortiSwitch 1xxx FS-1024D, FS-1024E, FS-1048E, FS-T1024E
FortiSwitch 3xxx FS-3032E
FortiSwitch Rugged FSR-112D-POE, FSR-124D

What’s new in FortiSwitchOS 7.2.2

Release 7.2.2 provides the following new features:

  • You can now specify static entries for DHCP snooping and DAI by manually associating an IP address with a MAC address in the CLI.

  • You can now override the global option-82 setting for DHCP requests by specifying plain text strings for the Circuit ID field and the Remote ID field for a specific VLAN on a port.

  • You can now use the GUI to configure MLD snooping on FortiSwitch VLANs.

  • You can now use the following wildcard characters in the set value command for the automation trigger used for an automation stitch:

    • Use an asterisk to match any character string of any length, including 0-characters long. For example, use set value "*1567*" to match values of 81567 and 156789.

    • Use square brackets to match one of the multiple characters. For example, use set value "[aA]dmin" to match values of admin and Admin.

  • You can now configure multiple fields for the automation trigger used for an automation stitch when the event-type is event-log and the logid is set. The action is only performed if all conditions are valid (using AND logic).

  • You can use a new CLI command to change how a FortiSwitch unit with Power over Ethernet (PoE) disconnects from a powered device:

    config switch physical-port

    edit <port_name>

    set poe-disconnection-type {AC | DC | DC-delay}

    next

    end

  • VXLAN tunnels are now supported on FS-3032E.

  • If an unverified firmware image is uploaded to FortiSwitchOS, the following warning is displayed in the GUI: “WARNING: This firmware failed signature validation.”

  • You can now display IPv4 and IPv6 routes by VRF instance on the Router > Monitor > Routing and Router > Monitor > IPv6 Routing pages.

  • The default value for the set dhcp-snoop-client-req command (under config system global) is now drop-untrusted, instead of forward-untrusted.

  • The new set ebgp-requires-policy command (under config router bgp) is set to enable by default, which prevents the BGP router from learning or advertising prefixes from or to its eBGP peers.

  • Under the config router ospf command, set ucast-ttl has been renamed to set ttl. This setting now applies to multicast OSPF packets, as well as unicast OSPF packets.

Refer to the FortiSwitch feature matrix for details about the features supported by each FortiSwitch model.