Introduction
This document provides the following information for FSR-424F-POE build 6045:
- Supported features (FortiSwitchOS version 7.2.4 build 6045)
- Special notices
- Product integration and support
- Known issues
For additional information, see the FortiSwitch Rugged 424F POE QuickStart Guide.
Supported features (FortiSwitchOS version 7.2.4 build 6045)
The following table lists the FSR-424F-POE features in Release 7.2.4. Features marked with ü are supported by FSR-424F-POE in standalone mode; features marked with 
are supported in both standalone and in managed mode. Security Fabric features are available exclusively in managed mode.
|
Feature |
GUI Supported |
FSR-424F-POE |
|---|---|---|
|
Security Fabric (exclusively in managed mode) |
||
|
Centralized configuration |
ü |
|
|
Centralized firmware management |
ü |
|
|
Automated detection and recommendations |
ü |
|
|
Syslog collection |
— |
|
|
Device detection |
ü |
|
|
Network device detection |
— |
|
|
Block intra-VLAN traffic |
ü |
|
|
Host quarantine |
ü |
|
|
Integrated FortiGate network access control (NAC) function |
ü |
|
|
NAC LAN segments |
ü |
|
|
FortiGuard IoT identification |
ü |
|
|
Support of matching FortiClient EMS tags in NAC policies |
ü |
|
|
Dynamic port policies |
ü |
|
|
FortiLink management over VXLAN |
— |
|
|
Management and Configuration |
||
|
Firmware image rotation (dual-firmware image support) |
— |
ü |
|
HTTP REST APIs for configuration and monitoring |
— |
ü |
|
Support for switch SNMP OID |
ü |
|
|
IP conflict detection and notification |
ü |
ü |
|
FortiLAN Cloud configuration |
ü |
ü |
|
FortiSwitch Manager configuration |
ü |
ü |
|
Auto topology |
— |
|
|
Security and Visibility |
||
|
RADIUS for administrative authentication |
— |
ü |
|
TACACS+ for administrative authentication |
— |
ü |
|
802.1X port mode |
ü |
|
|
802.1X MAC-based mode |
ü |
|
|
802.1X MAC-based mode: Wake-on-LAN |
— |
ü |
|
User-based (802.1X) VLAN assignment |
ü |
|
|
802.1X: MAB |
ü |
|
|
open-auth mode |
ü |
|
|
allow-mac-move |
— |
ü |
|
802.1X/MAB priority |
— |
ü |
|
Support of the RADIUS accounting server |
Partial |
|
|
Support of RADIUS CoA and disconnect messages |
— |
|
|
EAP pass-through |
ü |
|
|
sFlow (IPv4) |
ü |
|
|
Flow export (IPv4) |
ü |
|
|
ACL (IPv4) |
ü |
ü |
|
Multiple ingress ACLs (IPv4) |
ü |
ü |
|
Schedule for ACLs (IPv4) |
— |
ü |
|
Dynamic ACLs (IPv4) |
— |
ü |
|
ACL: color marking (IPv4) |
ü |
ü |
|
DHCP snooping |
ü |
|
|
DHCPv6 snooping |
ü |
ü |
|
DHCP-snooping static entries (IPv4) |
— |
ü |
|
Allowed DHCP server list |
ü |
|
|
Flap guard |
— |
|
|
IP source guard (IPv4) |
ü |
|
|
IP source-guard violation log |
— |
ü |
|
Dynamic ARP inspection (IPv4) |
ü |
|
|
ARP timeout value |
— |
ü |
|
RMON group 1 |
— |
ü |
|
Reliable syslog |
— |
ü |
|
Packet capture |
ü |
|
|
FIPS 140-2 (Level 2) support |
— |
|
|
Layer 2 |
||
|
Link aggregation group size (maximum number of ports) |
ü |
8 |
|
LAG min-max bundle |
— |
|
|
IPv6 RA guard |
— |
ü |
|
IGMP snooping |
ü |
|
|
IGMP proxy |
ü |
|
|
IGMP querier |
— |
|
|
LLDP transmit |
— |
|
|
LLDP-MED |
— |
|
|
LLDP-MED: ELIN support |
ü |
|
|
MAC learning limit |
— |
|
|
Learning-limit violation log |
ü |
|
|
Learning-limit violation action |
— |
ü |
|
set mac-violation-timer |
— |
|
|
Sticky MAC |
ü |
|
|
Warning when the layer-2 table is getting full |
— |
ü |
|
MSTP instances |
— |
0-15 |
|
STP root guard |
ü |
|
|
STP BPDU guard |
ü |
|
|
Rapid PVST interoperation |
— |
|
|
'forced-untagged' or 'force-tagged' setting on switch interfaces |
— |
|
|
Private VLANs |
ü |
ü |
|
Ingress pause metering |
— |
|
|
Storm control |
ü |
|
|
Per-port storm control |
ü |
|
|
Global burst-size control |
ü |
|
|
MAC/IP/protocol-based VLAN assignment |
ü |
ü |
|
Virtual wire |
ü |
ü |
|
Loop guard |
ü |
|
|
Percentage rate control |
ü |
|
|
VLAN stacking (QnQ) |
ü |
ü |
|
VLAN mapping |
ü |
ü |
|
SPAN |
ü |
|
|
RSPAN and ERSPAN (IPv4) |
ü |
|
|
Flow control |
— |
|
|
Layer 3 |
||
|
VXLAN: STP virtual root |
— |
ü |
|
RVI |
— |
ü |
|
Link monitor (IPv4/IPv6) |
ü |
ü |
|
Static routing (IPv4/IPv6) |
ü |
ü |
|
Hardware-based routing (IPv4/IPv6) |
ü |
ü |
|
Static BFD (IPv4/IPv6) |
ü |
ü |
|
DHCP relay (IPv4) |
ü |
ü |
|
DHCP server (IPv4) |
ü |
ü |
|
Layer 3: Requires Advanced Features License |
||
|
Policy-based routing (IPv4) |
— |
ü |
|
OSPF (IPv4/IPv6) |
ü |
ü |
|
BFD for OSPF (IPv4/IPv6) |
ü |
ü |
|
OSPF database overflow protection (IPv4) |
— |
ü |
|
OSPF graceful restart (IPv4, helper mode only) |
— |
ü |
|
RIP (IPv4/IPv6) |
ü |
ü |
|
BFD for RIP (IPv4/IPv6) |
— |
ü |
|
VRRP (IPv4/IPv6) |
ü |
ü |
|
BGP (IPv4/IPv6) |
— |
ü |
|
BFD for BGP (IPv4/IPv6) |
— |
ü |
|
IS-IS (IPv4/IPv6) |
— |
ü |
|
BFD for IS-IS (IPv4/IPv6) |
— |
ü |
|
High Availability |
||
|
MCLAG (multichassis link aggregation) |
Partial |
|
|
STP supported in MCLAGs |
— |
|
|
IGMP snooping support in MCLAG |
ü |
|
|
Layer-3 (IPv4) routing in MCLAG |
— |
VRRP and static |
|
— |
ü |
|
|
— |
ü |
|
|
Quality of Service |
||
|
802.1p support, including priority queuing trunk and WRED |
ü |
|
|
QoS queue counters |
— |
|
|
Tail-drop policy |
ü |
ü |
|
WRED drop policy |
ü |
ü |
|
QoS marking (IPv4/IPv6) |
— |
ü |
|
Summary of configured queue mappings |
ü |
|
|
Egress priority tagging (IPv4/IPv6) |
— |
|
|
ECN (IPv4/IPv6) |
ü |
|
|
Real-time egress queue rates |
— |
ü |
|
Miscellaneous |
||
|
PoE-pre-standard detection |
— |
|
|
PoE modes support: first come, first served or priority based |
— |
|
|
Perpetual PoE (See Note 1.) |
— |
ü |
|
PoE disconnection type |
— |
ü |
|
TDR (time-domain reflectometer)/cable diagnostics support |
ü |
|
|
Monitor system temperature (threshold configuration and SNMP trap support) |
— |
ü |
|
MAC notification SNMP trap |
— |
ü |
|
Add CLI to show the details of port statistics |
— |
|
|
Energy-efficient Ethernet |
ü |
ü |
|
Precision Time Protocol transparent clock (IPv4) |
— |
|
|
Alias commands |
— |
ü |
|
Automation stitches |
— |
ü |
|
Multiple path traceroute |
ü |
ü |
|
Wake-on-LAN packets |
— |
ü |
|
Save event log in flash memory |
— |
ü |
Notes
-
When the FortiSwitch unit is using
poe-port-power perpetual-fast, the following BIOS version is required: 04000009.