Introduction
This document provides the following information for FSR-424F-POE build 6045:
- Supported features (FortiSwitchOS version 7.2.4 build 6045)
- Special notices
- Product integration and support
- Known issues
For additional information, see the FortiSwitch Rugged 424F POE QuickStart Guide.
Supported features (FortiSwitchOS version 7.2.4 build 6045)
The following table lists the FSR-424F-POE features in Release 7.2.4. Features marked with ü are supported by FSR-424F-POE in standalone mode; features marked with are supported in both standalone and in managed mode. Security Fabric features are available exclusively in managed mode.
Feature |
GUI Supported |
FSR-424F-POE |
---|---|---|
Security Fabric (exclusively in managed mode) |
||
Centralized configuration |
ü |
|
Centralized firmware management |
ü |
|
Automated detection and recommendations |
ü |
|
Syslog collection |
— |
|
Device detection |
ü |
|
Network device detection |
— |
|
Block intra-VLAN traffic |
ü |
|
Host quarantine |
ü |
|
Integrated FortiGate network access control (NAC) function |
ü |
|
NAC LAN segments |
ü |
|
FortiGuard IoT identification |
ü |
|
Support of matching FortiClient EMS tags in NAC policies |
ü |
|
Dynamic port policies |
ü |
|
FortiLink management over VXLAN |
— |
|
Management and Configuration |
||
Firmware image rotation (dual-firmware image support) |
— |
ü |
HTTP REST APIs for configuration and monitoring |
— |
ü |
Support for switch SNMP OID |
ü |
|
IP conflict detection and notification |
ü |
ü |
FortiLAN Cloud configuration |
ü |
ü |
FortiSwitch Manager configuration |
ü |
ü |
Auto topology |
— |
|
Security and Visibility |
||
RADIUS for administrative authentication |
— |
ü |
TACACS+ for administrative authentication |
— |
ü |
802.1X port mode |
ü |
|
802.1X MAC-based mode |
ü |
|
802.1X MAC-based mode: Wake-on-LAN |
— |
ü |
User-based (802.1X) VLAN assignment |
ü |
|
802.1X: MAB |
ü |
|
open-auth mode |
ü |
|
allow-mac-move |
— |
ü |
802.1X/MAB priority |
— |
ü |
Support of the RADIUS accounting server |
Partial |
|
Support of RADIUS CoA and disconnect messages |
— |
|
EAP pass-through |
ü |
|
sFlow (IPv4) |
ü |
|
Flow export (IPv4) |
ü |
|
ACL (IPv4) |
ü |
ü |
Multiple ingress ACLs (IPv4) |
ü |
ü |
Schedule for ACLs (IPv4) |
— |
ü |
Dynamic ACLs (IPv4) |
— |
ü |
ACL: color marking (IPv4) |
ü |
ü |
DHCP snooping |
ü |
|
DHCPv6 snooping |
ü |
ü |
DHCP-snooping static entries (IPv4) |
— |
ü |
Allowed DHCP server list |
ü |
|
Flap guard |
— |
|
IP source guard (IPv4) |
ü |
|
IP source-guard violation log |
— |
ü |
Dynamic ARP inspection (IPv4) |
ü |
|
ARP timeout value |
— |
ü |
RMON group 1 |
— |
ü |
Reliable syslog |
— |
ü |
Packet capture |
ü |
|
FIPS 140-2 (Level 2) support |
— |
|
Layer 2 |
||
Link aggregation group size (maximum number of ports) |
ü |
8 |
LAG min-max bundle |
— |
|
IPv6 RA guard |
— |
ü |
IGMP snooping |
ü |
|
IGMP proxy |
ü |
|
IGMP querier |
— |
|
LLDP transmit |
— |
|
LLDP-MED |
— |
|
LLDP-MED: ELIN support |
ü |
|
MAC learning limit |
— |
|
Learning-limit violation log |
ü |
|
Learning-limit violation action |
— |
ü |
set mac-violation-timer |
— |
|
Sticky MAC |
ü |
|
Warning when the layer-2 table is getting full |
— |
ü |
MSTP instances |
— |
0-15 |
STP root guard |
ü |
|
STP BPDU guard |
ü |
|
Rapid PVST interoperation |
— |
|
'forced-untagged' or 'force-tagged' setting on switch interfaces |
— |
|
Private VLANs |
ü |
ü |
Ingress pause metering |
— |
|
Storm control |
ü |
|
Per-port storm control |
ü |
|
Global burst-size control |
ü |
|
MAC/IP/protocol-based VLAN assignment |
ü |
ü |
Virtual wire |
ü |
ü |
Loop guard |
ü |
|
Percentage rate control |
ü |
|
VLAN stacking (QnQ) |
ü |
ü |
VLAN mapping |
ü |
ü |
SPAN |
ü |
|
RSPAN and ERSPAN (IPv4) |
ü |
|
Flow control |
— |
|
Layer 3 |
||
VXLAN: STP virtual root |
— |
ü |
RVI |
— |
ü |
Link monitor (IPv4/IPv6) |
ü |
ü |
Static routing (IPv4/IPv6) |
ü |
ü |
Hardware-based routing (IPv4/IPv6) |
ü |
ü |
Static BFD (IPv4/IPv6) |
ü |
ü |
DHCP relay (IPv4) |
ü |
ü |
DHCP server (IPv4) |
ü |
ü |
Layer 3: Requires Advanced Features License |
||
Policy-based routing (IPv4) |
— |
ü |
OSPF (IPv4/IPv6) |
ü |
ü |
BFD for OSPF (IPv4/IPv6) |
ü |
ü |
OSPF database overflow protection (IPv4) |
— |
ü |
OSPF graceful restart (IPv4, helper mode only) |
— |
ü |
RIP (IPv4/IPv6) |
ü |
ü |
BFD for RIP (IPv4/IPv6) |
— |
ü |
VRRP (IPv4/IPv6) |
ü |
ü |
BGP (IPv4/IPv6) |
— |
ü |
BFD for BGP (IPv4/IPv6) |
— |
ü |
IS-IS (IPv4/IPv6) |
— |
ü |
BFD for IS-IS (IPv4/IPv6) |
— |
ü |
High Availability |
||
MCLAG (multichassis link aggregation) |
Partial |
|
STP supported in MCLAGs |
— |
|
IGMP snooping support in MCLAG |
ü |
|
Layer-3 (IPv4) routing in MCLAG |
— |
VRRP and static |
— |
ü |
|
— |
ü |
|
Quality of Service |
||
802.1p support, including priority queuing trunk and WRED |
ü |
|
QoS queue counters |
— |
|
Tail-drop policy |
ü |
ü |
WRED drop policy |
ü |
ü |
QoS marking (IPv4/IPv6) |
— |
ü |
Summary of configured queue mappings |
ü |
|
Egress priority tagging (IPv4/IPv6) |
— |
|
ECN (IPv4/IPv6) |
ü |
|
Real-time egress queue rates |
— |
ü |
Miscellaneous |
||
PoE-pre-standard detection |
— |
|
PoE modes support: first come, first served or priority based |
— |
|
Perpetual PoE (See Note 1.) |
— |
ü |
PoE disconnection type |
— |
ü |
TDR (time-domain reflectometer)/cable diagnostics support |
ü |
|
Monitor system temperature (threshold configuration and SNMP trap support) |
— |
ü |
MAC notification SNMP trap |
— |
ü |
Add CLI to show the details of port statistics |
— |
|
Energy-efficient Ethernet |
ü |
ü |
Precision Time Protocol transparent clock (IPv4) |
— |
|
Alias commands |
— |
ü |
Automation stitches |
— |
ü |
Multiple path traceroute |
ü |
ü |
Wake-on-LAN packets |
— |
ü |
Save event log in flash memory |
— |
ü |
Notes
-
When the FortiSwitch unit is using
poe-port-power perpetual-fast
, the following BIOS version is required: 04000009.