[v6.0.1, v5.6.5, v5.4.9] FortiOS Cook & Research

[201711072300]
Network Processor(ASIC) specification


[201604111541]
Technical Note: Disable ARP reply in Virtual IPs
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD38566&sliceId=1&docTypeID=DT_KCARTICLE_1_1&dialogID=79313033&stateId=0%200%2079311655

Technical Note: How to setup the FortiGate to assign IPv6 addresses
http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=FD38573&sliceId=1&docTypeID=DT_KCARTICLE_1_1

[201603231843]
About Multicast forwarding
"When multicastforward is enabled, the FortiGate unit forwards any multicast IP packets in which the TTL is 2 or higher to all interfaces and VLAN interfaces except the receiving interface."

There is sometimes a confusion between the terms “forwarding” and “routing”. These two functions should not be taking place at the same time.

It is mentioned that multicast-forward should be enabled when the FortiGate unit is in NAT mode and that this will forward any multicast packet to all interfaces. However, this parameter should NOT be enabled when the FortiGate unit operates as a multicast router (i.e. with a routing protocol enabled. It should only be enabled when there is no routing protocols activated.

[201603212238]
使用FortiGate轉發multicast, 應用多媒體服務, ex: DLNA

---

FortiOS v5.2 GA(Global Availability)已正式發佈...
主要強化了VPN以及BYOD..
另外增加了一種稱為Virtual-WAN智能型頻寬分配..
允許將多個WAN界面合併成個虛擬界面..
應用多WAN的情況下...
此版本為重大革新...

本串將供於v5.2版的學習與討論...
各種改革項目(improvements)如下:
01. Unified Policy Management
02. FortiView Dashboards
03. SSL Inspection
04. Web Filtering
05. Application Control
06. IPsec VPN Wizard
07. Captive Portal
08. FortiAP Management
09. Improved flow-based Antivirus
10. FortiExtender Support
11. Using a Virtual WAN Link for Redundant Internet Connections
12. Internet Key Exchange (IKE)
13. SSL VPN Creation
14. On-Net Status for FortiClient Devices

請注意! release notes的firmware upgrading摘要..
it's very important....!!!

---

201406191203, dynamic gateway support for virtual wan link(VWL)
confirmed!
VWL supported dynamic interfaces (PPPOE and DHCP ) by GA.

How to use it???
There is no special configuration:
1) WAN interface configuration(DHCP and PPPoE)
2) VWL configuration, only add those two interfaces as members(gateway as 0.0.0.0)
3) Policy for VWL
4) Static route with VWL, set gateway as 0.0.0.0

---

201406210054, Disk logging and memory logging changes
On some FortiGate models, flash-based logging is not available in FortiOS v5.2.0. For these
platforms, Fortinet recommends the free FortiCloud central logging & reporting service, as it
offers higher capacity and extends the features available to the FortiGate. These models
include:
• FG-100D (P09340-04 or earlier)
• FG-20C
• FG-20C_ADSL_A
• FG-200B/200B_POE (Without FSM)
• FG-300C_Gen1 (P09616-04 or earlier)
Upgrading to FortiOS v5.2.0 build 0589 Page 19 FortiOS v5.2.0 Release Notes
• FG-40C
• FG-60C
• FG-60C-POE
• FG-60C-SFP
• FG-70D
• FG-60D
• FG-80C/80CM (P05403-05, P05446-05)
• FW-20C
• FW-40C
• FW-20C_ADSL_A
• FW-60CX_A
• FW-60C
• FW-60CM (P08962-04 or later)
• FW-60CX_ADSL-A
• FW-60D
• FW-60D-POE
• FW-80CM (P05405-06 or later)

---