IPv6 support
When the operating mode is Reverse Proxy, Offline Protection, or Transparent Inspection, the features below support IPv6-to-IPv6 forwarding. The features below also support NAT64 to handle environments in which legacy back-end equipment supports only IPv4.
- IP/Netmask for all types of network interfaces and DNS settings
- Gateway and Destination IP/Mask for IP-layer static routes
- Virtual Server/V-zone
- Server Pool
- Server Health Check
- Protected Hostnames
- Add HSTS Header
- X-Forwarded-For
- Session Management
- Cookie Security Policy
- Signatures
- Custom Policy
- Parameter Validation
- Hidden Fields Protection
- File Security
- HTTP Protocol Constraints
- Brute Force Login
- URL Access
- Page Access (page order)
- Start Pages
- Allow Method
- IP List (manual, individual IP blacklisting/whitelisting)
- File Compress
- Vulnerability scans
- Configuring the global object white list
- Chunk decoding
- FortiGuard server IP overrides (see Connecting to FortiGuard services)
- URL Rewriting (also redirection)
- HTTP Authentication and LDAP, RADIUS, and NTLM profiles
- Geo IP
- DoS Protection Policy
- SNMP traps & queries
- IP Reputation
- Device Tracking (see Monitoring currently tracked devices )
- HTTP Header Security (see Addressing security vulnerabilities by HTTP Security Headers)
Features not yet supported are:
|
If a policy has any virtual servers or server pools that contain physical or domain servers with IPv6 addresses, it does not apply these features, even if they are selected. |
- Shared IP
- Policy bypasses for known search engines
- Firewall
- Log-based reports
- Alert email
- Syslog and FortiAnalyzer IP addresses
- NTP
- FTP immediate/scheduled
- SCEP
- Anti-defacement
- HA/Configuration sync
exec restoreexec backupexec tracerouteexec telnet
