Fortinet black logo

FortiLink Guide

Home FortiSwitch 7.4.1 FortiLink Guide
7.4.1
7.4.2
7.4.1
7.4.0
7.2.6
7.2.4
7.2.1
7.2.0

Whatʼs new in FortiOS 7.4.1

Whatʼs new in FortiOS 7.4.1

The following list contains new managed FortiSwitchOS features added in FortiOS 7.4.1. Click on a link to navigate to that section for further information:

  • You can now make your Security Fabric more secure with the FortiLink secure fabric. The FortiLink secure fabric provides authentication and encryption to all fabric links, wherever possible. Zero-touch support is available for FortiLink mode over a layer-2 network and over a layer-3 network. For more details, see FortiLink secure fabric.

  • More tests have been added to the FortiSwitch recommendations to help optimize your network:

    • When a connected tier-1 multichassis link-aggregation group (MCLAG) peer group is detected and FortiOS detects a possible tier-2 MCLAG pair of switches, FortiOS recommends forming a tier-2 MCLAG.

    • When a connected tier-2 MCLAG peer group is detected and FortiOS detects a possible tier-3 MCLAG pair of switches, FortiOS recommends forming a tier-3 MCLAG.

    For more details, see Optimizing the FortiSwitch network.

  • You can now enable or disable the locking down of inter-switch links (ISLs) on a single FortiLink interface in the Edit FortiLink Interface page (WiFi & Switch Controller > FortiLink Interface).

  • The FortiOS switch controller now supports the synchronization of the FortiGate system interface description to the switch VLAN description (up to the first 63 characters of FortiSwitch VLAN description field in FortiOS). This allows a more flexible use of the Tunnel-Private-Group-Id RADIUS attribute. For more details, see Dynamic VLAN assignment.

  • The CLI commands for configuring Precision Time Protocol (PTP) transparent-clock mode have changed. FortiOS supports the previous CLI commands, as well as the new ones. For more details, see Configuring PTP transparent-clock mode.

  • A new CLI command controls whether intra-VLAN traffic is blocked or allowed when the connection to the FortiGate device is lost. Before FortiOS 7.4.1, intra-VLAN traffic on the managed FortiSwitch units was blocked when the connection to the FortiGate device is lost. For more details, see Blocking intra-VLAN traffic.

  • Managed FortiSwitch VLANs can now mirror traffic on a client, and the FortiGate device will analyze the remote traffic. For more details, see Configuring the FortiOS one-arm sniffer.

  • Managed FortiSwitch units can now perform inter-VLAN routing. The FortiGate device can program a FortiSwitch unit to do the layer-3 routing of trusted traffic between specific VLANs. For more details, see Configuring inter-VLAN routing offload.

  • When using FortiLink mode over a layer-3 network and DHCP discovery with DHCP option 138, the top FortiSwitch unit (with the _FlinkDhcpDisc_ trunk) will now automatically have a Spanning Tree Protocol (STP) priority of 24576, instead of an STP priority of 32768. For more details, see FortiLink mode over a layer-3 network.

Previous
Next

Whatʼs new in FortiOS 7.4.1

The following list contains new managed FortiSwitchOS features added in FortiOS 7.4.1. Click on a link to navigate to that section for further information:

  • You can now make your Security Fabric more secure with the FortiLink secure fabric. The FortiLink secure fabric provides authentication and encryption to all fabric links, wherever possible. Zero-touch support is available for FortiLink mode over a layer-2 network and over a layer-3 network. For more details, see FortiLink secure fabric.

  • More tests have been added to the FortiSwitch recommendations to help optimize your network:

    • When a connected tier-1 multichassis link-aggregation group (MCLAG) peer group is detected and FortiOS detects a possible tier-2 MCLAG pair of switches, FortiOS recommends forming a tier-2 MCLAG.

    • When a connected tier-2 MCLAG peer group is detected and FortiOS detects a possible tier-3 MCLAG pair of switches, FortiOS recommends forming a tier-3 MCLAG.

    For more details, see Optimizing the FortiSwitch network.

  • You can now enable or disable the locking down of inter-switch links (ISLs) on a single FortiLink interface in the Edit FortiLink Interface page (WiFi & Switch Controller > FortiLink Interface).

  • The FortiOS switch controller now supports the synchronization of the FortiGate system interface description to the switch VLAN description (up to the first 63 characters of FortiSwitch VLAN description field in FortiOS). This allows a more flexible use of the Tunnel-Private-Group-Id RADIUS attribute. For more details, see Dynamic VLAN assignment.

  • The CLI commands for configuring Precision Time Protocol (PTP) transparent-clock mode have changed. FortiOS supports the previous CLI commands, as well as the new ones. For more details, see Configuring PTP transparent-clock mode.

  • A new CLI command controls whether intra-VLAN traffic is blocked or allowed when the connection to the FortiGate device is lost. Before FortiOS 7.4.1, intra-VLAN traffic on the managed FortiSwitch units was blocked when the connection to the FortiGate device is lost. For more details, see Blocking intra-VLAN traffic.

  • Managed FortiSwitch VLANs can now mirror traffic on a client, and the FortiGate device will analyze the remote traffic. For more details, see Configuring the FortiOS one-arm sniffer.

  • Managed FortiSwitch units can now perform inter-VLAN routing. The FortiGate device can program a FortiSwitch unit to do the layer-3 routing of trusted traffic between specific VLANs. For more details, see Configuring inter-VLAN routing offload.

  • When using FortiLink mode over a layer-3 network and DHCP discovery with DHCP option 138, the top FortiSwitch unit (with the _FlinkDhcpDisc_ trunk) will now automatically have a Spanning Tree Protocol (STP) priority of 24576, instead of an STP priority of 32768. For more details, see FortiLink mode over a layer-3 network.

Previous
Next