Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiLink Release Notes

    Home FortiSwitch 7.2.4 FortiLink Release Notes
    7.2.4
    7.6.0
    7.4.5
    7.4.4
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.1
    7.2.0

    Introduction

    Introduction

    This document provides the following information for FortiSwitch 7.2.3 devices managed by FortiOS 7.2.4 build 1396:

    See the Fortinet Document Library for FortiSwitchOS documentation.

    Refer to the FortiLink Compatibility table to find which FortiSwitchOS versions support which FortiOS versions.

    NOTE: FortiLink is not supported in transparent mode.

    The maximum number of supported FortiSwitch units depends on the FortiGate model:

    FortiGate Model Range Number of FortiSwitch Units Supported
    FortiGate 40F, FortiGate-VM01 8
    FortiGate 6xE, 8xE, 90E, 91E 16

    FGR-60F, FG-60F, FGR-60F-3G4G, FG-61F, FG-80F, FG-80FB, FG-80FP, FG-81F, and FG-81FP

    24
    FortiGate 100D, FortiGate-VM02 24
    FortiGate 100E, 100EF, 100F, 101E, 140E, 140E-POE 32
    FortiGate 200E, 201E 64
    FortiGate 300D to 500D 48
    FortiGate 300E to 500E 72
    FortiGate 600D to 900D and FortiGate-VM04 64
    FortiGate 600E to 900E 96
    FortiGate 1000D to 15xxD 128
    FortiGate 1100E to 26xxF 196

    FortiGate-3xxx and up and FortiGate-VM08 and up

    300

    note icon New models (NPI releases) might not support FortiLink. Contact Customer Service & Support to check support for FortiLink.

    What’s new in FortiOS 7.2.4

    The following list contains new managed FortiSwitch features added in FortiOS 7.2.4:

    • A new CLI command reports device statistics when network access control (NAC) is enabled. The diagnose switch-controller telemetry show mac-stats command reports the MAC addresses of known devices, the number of packets and bytes received, the number of seconds since the last update, and the age of the MAC counter in seconds.

    • NAC now supports more connected devices—up to 48 times the maximum number of managed FortiSwitch units supported on the FortiGate device. You can use the diagnose switch-controller mac-device nac known command to check the number of known devices. When 95 percent of the maximum number of devices is reached, a warning icon is displayed in the Matched NAC Devices widget in the FortiOS GUI. When the maximum number is reached, a switch-controller event is logged.
    • The range and default values for the set nac-periodic-interval command (under config switch-controller system) have changed. The default value is now 60, and the range of values is now 5-180.
    • The range and default values for the set dynamic-periodic-interval command (under config switch-controller system) have changed. The default value is now 60, and the range of values is now 5-180.

    • You can now specify static entries for DHCP snooping and dynamic ARP inspection (DAI) by manually associating an IP address with a MAC address in the FortiOS CLI.

    • The FG-180xF and FG-260xF models can now manage 196 FortiSwitch units.

    • There is now a set link-status command under config switch-controller managed-switch in the FortiOS CLI.

    • New tests have been added to the FortiSwitch recommendations in the Security Fabric > Security Rating page to help optimize your network. The tests check the following:

      • If the poe-status has been enabled under the config switch-controller auto-config policy command, FortiOS recommends that you disable it to prevent unpredictable problems caused by connecting two power sourcing equipment (PSE) ports.
      • If port 8 of an FS-108E or FS-108 unit is used for an inter-switch link (ISL), FortiOS recommends creating a custom auto-config policy.
      • If the configured speed is less than the maximum speed for a switch port, FortiOS recommends changing the port speed to the maximum amount.
      • Check if the inter-switch links (ISLs) and inter-chassis links (ICLs) are static to increase stability during events such as cable disconnections or power outages.

      • When a multichassis LAG (MCLAG) is recommended between two FortiSwitch units, there is a Create MCLAG button available under WiFi & Switch Controller > Managed FortiSwitches in the Topology view.

    • A new FortiView Internal Hubs monitor in FortiOS will report the IP addresses and the number of bytes collected with flow tracking from devices behind a managed FortiSwitch unit. If you drill down on one of the devices, you can see a chart displaying the devices and how they are connected.

    • You can now use the FortiOS CLI to configure the Power over Ethernet (PoE) port mode (IEEE802.3 AF or IEEE802.3 AT), port priority (critical, high, medium, or low), and port power (normal, perpetual, or perpetual fast) on managed switches.
    Previous
    Next

    Introduction

    Introduction

    This document provides the following information for FortiSwitch 7.2.3 devices managed by FortiOS 7.2.4 build 1396:

    See the Fortinet Document Library for FortiSwitchOS documentation.

    Refer to the FortiLink Compatibility table to find which FortiSwitchOS versions support which FortiOS versions.

    NOTE: FortiLink is not supported in transparent mode.

    The maximum number of supported FortiSwitch units depends on the FortiGate model:

    FortiGate Model Range Number of FortiSwitch Units Supported
    FortiGate 40F, FortiGate-VM01 8
    FortiGate 6xE, 8xE, 90E, 91E 16

    FGR-60F, FG-60F, FGR-60F-3G4G, FG-61F, FG-80F, FG-80FB, FG-80FP, FG-81F, and FG-81FP

    24
    FortiGate 100D, FortiGate-VM02 24
    FortiGate 100E, 100EF, 100F, 101E, 140E, 140E-POE 32
    FortiGate 200E, 201E 64
    FortiGate 300D to 500D 48
    FortiGate 300E to 500E 72
    FortiGate 600D to 900D and FortiGate-VM04 64
    FortiGate 600E to 900E 96
    FortiGate 1000D to 15xxD 128
    FortiGate 1100E to 26xxF 196

    FortiGate-3xxx and up and FortiGate-VM08 and up

    300

    note icon New models (NPI releases) might not support FortiLink. Contact Customer Service & Support to check support for FortiLink.

    What’s new in FortiOS 7.2.4

    The following list contains new managed FortiSwitch features added in FortiOS 7.2.4:

    • A new CLI command reports device statistics when network access control (NAC) is enabled. The diagnose switch-controller telemetry show mac-stats command reports the MAC addresses of known devices, the number of packets and bytes received, the number of seconds since the last update, and the age of the MAC counter in seconds.

    • NAC now supports more connected devices—up to 48 times the maximum number of managed FortiSwitch units supported on the FortiGate device. You can use the diagnose switch-controller mac-device nac known command to check the number of known devices. When 95 percent of the maximum number of devices is reached, a warning icon is displayed in the Matched NAC Devices widget in the FortiOS GUI. When the maximum number is reached, a switch-controller event is logged.
    • The range and default values for the set nac-periodic-interval command (under config switch-controller system) have changed. The default value is now 60, and the range of values is now 5-180.
    • The range and default values for the set dynamic-periodic-interval command (under config switch-controller system) have changed. The default value is now 60, and the range of values is now 5-180.

    • You can now specify static entries for DHCP snooping and dynamic ARP inspection (DAI) by manually associating an IP address with a MAC address in the FortiOS CLI.

    • The FG-180xF and FG-260xF models can now manage 196 FortiSwitch units.

    • There is now a set link-status command under config switch-controller managed-switch in the FortiOS CLI.

    • New tests have been added to the FortiSwitch recommendations in the Security Fabric > Security Rating page to help optimize your network. The tests check the following:

      • If the poe-status has been enabled under the config switch-controller auto-config policy command, FortiOS recommends that you disable it to prevent unpredictable problems caused by connecting two power sourcing equipment (PSE) ports.
      • If port 8 of an FS-108E or FS-108 unit is used for an inter-switch link (ISL), FortiOS recommends creating a custom auto-config policy.
      • If the configured speed is less than the maximum speed for a switch port, FortiOS recommends changing the port speed to the maximum amount.
      • Check if the inter-switch links (ISLs) and inter-chassis links (ICLs) are static to increase stability during events such as cable disconnections or power outages.

      • When a multichassis LAG (MCLAG) is recommended between two FortiSwitch units, there is a Create MCLAG button available under WiFi & Switch Controller > Managed FortiSwitches in the Topology view.

    • A new FortiView Internal Hubs monitor in FortiOS will report the IP addresses and the number of bytes collected with flow tracking from devices behind a managed FortiSwitch unit. If you drill down on one of the devices, you can see a chart displaying the devices and how they are connected.

    • You can now use the FortiOS CLI to configure the Power over Ethernet (PoE) port mode (IEEE802.3 AF or IEEE802.3 AT), port priority (critical, high, medium, or low), and port power (normal, perpetual, or perpetual fast) on managed switches.
    Previous
    Next