Fortinet black logo

Handbook

Transparent mode features

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:62428
Download PDF

Transparent mode features

Different FortiOS features are available depending on whether your FortiGate is in transparent or NAT mode. The following table shows which features are available for each mode.

note icon

For a FortiGate in transparent mode, the maximum number of Interfaces per VDOM is 254. This value includes both physical and virtual interfaces.

Feature

NAT

Transparent

Comment

Unicast routing/policy-based routing

Yes

No

VIP/IP pools/ NAT

Yes

Yes

Configurable from CLI only in transparent mode

Multicast routing

Yes

No

Options are available to forward multicast packets

L2 forwarding

No

Yes

In transparent mode, other frames than IP can be forwarded, but only without security scanning

Firewall (packet filtering/NAT/Authentication)

Yes

Yes

IPv6 capable

Yes

Yes

Traffic shaping (type of service)

Yes

Yes

Hardware acceleration

Yes

Yes

All security profile features (ex IPS, Application Control, Web Filtering, etc ...)

Yes

Yes

Security Fabric

Yes

No

FortiView

Yes

Yes

IPsec VPN

Yes

Yes

Only policy based IPsec VPNs are supported for transparent mode

SSL VPN

Yes

No

High availability (HA) - virtual cluster

Yes

Yes

802.3ad (LACP/port aggregation)

Yes

Yes

HA port redundancy

Yes

Yes

FortiGate hardware dependent

802.1q - VLAN trunking

Yes

Yes

802.1d - spanning tree

No

No

Option to forward VPDUs

Logging and reporting (disk and memory logging, FortiCloud, syslog, and FortiAnalyzer)

Yes

Yes

Managed by FortiManager

Yes

Yes

Transparent mode features

Different FortiOS features are available depending on whether your FortiGate is in transparent or NAT mode. The following table shows which features are available for each mode.

note icon

For a FortiGate in transparent mode, the maximum number of Interfaces per VDOM is 254. This value includes both physical and virtual interfaces.

Feature

NAT

Transparent

Comment

Unicast routing/policy-based routing

Yes

No

VIP/IP pools/ NAT

Yes

Yes

Configurable from CLI only in transparent mode

Multicast routing

Yes

No

Options are available to forward multicast packets

L2 forwarding

No

Yes

In transparent mode, other frames than IP can be forwarded, but only without security scanning

Firewall (packet filtering/NAT/Authentication)

Yes

Yes

IPv6 capable

Yes

Yes

Traffic shaping (type of service)

Yes

Yes

Hardware acceleration

Yes

Yes

All security profile features (ex IPS, Application Control, Web Filtering, etc ...)

Yes

Yes

Security Fabric

Yes

No

FortiView

Yes

Yes

IPsec VPN

Yes

Yes

Only policy based IPsec VPNs are supported for transparent mode

SSL VPN

Yes

No

High availability (HA) - virtual cluster

Yes

Yes

802.3ad (LACP/port aggregation)

Yes

Yes

HA port redundancy

Yes

Yes

FortiGate hardware dependent

802.1q - VLAN trunking

Yes

Yes

802.1d - spanning tree

No

No

Option to forward VPDUs

Logging and reporting (disk and memory logging, FortiCloud, syslog, and FortiAnalyzer)

Yes

Yes

Managed by FortiManager

Yes

Yes