FortiWAN Document enhancements

Leave a reply

Document enhancements

The following document content is enhanced or changed since FortiWAN 4.0.1:

FortiWAN 4.3.1 l Parameter generic-receive-offload of command sysctl was removed from Console Mode Commands. Related descriptions about disabling GRO were removed as well from How the Tunnel Routing Works and How to set up routing rules for Tunnel Routing.

  • An appendix was added for suggested maximum configuration values, see Appendix B: Suggested

Maximum Configuration Values l A topic about possible query loop was added in DNS Proxy.

  • A description was added for suggested IPSec encryption algorithms, see IPSec VPN in the Web UI.

FortiWAN 4.3.0 l Content of Tunnel Routing was updated for large-scale TR network support and the updated benchmark. See Tunnel Routing Scale, Tunnel Routing – Setting, How to set up routing rules for Tunnel Routing and Tunnel Routing – Benchmark. l Content of IPSec was updated for IKEv2 support. See Specifications of FortiWAN’s IPsec VPN and IKE Phase 1 Web UI fields.

  • Content of automatic IP addressing was updated for dual DHCP servers support in a DHCP relay. See DHCP Relay. l Content of Report Email and Reports Settings was updated, and a new page Scheduled Emails was added for the new Reports feature – scheduled report email.
  • Content of Reports Settings and Reports Database Tool was updated, andA new page Database Data Utility was added for the new Reports feature – Web-based Rpeorts database management tool.
  • Content of CLI commands was updated for the new parameter PORT of resetconfig and the change to init_reports_db. See CLI Command – resetconfig.
  • Content of DNS Proxy was updated for the changes to the Source configuration. See DNS Proxy Setting

Fields.

  • Content of WAN link health detection was updated for the new condition “Number of successful detection” to declare a WAN link available. See WAN Link Health Detection.
  • Content of Administrator was updated for the changes to Monitor account. See Administrator and Monitor Password. l Content of Multihoming was updated for the new configurations to support SOA and NS records for the reverse lookup zones. See Global Settings: IPv4/IPv6 PTR Record. l Diagrams related to Web UI were updated for the new look and feel. l A glossary for FortiWAN network setting was added. See Glossary for FortiWAN network setting.
  • Content about network deployment was enhanced: Configuring networks to FortiWAN, Configuring Network Interface (Network Setting), Configuring your WAN and DMZ, Network interfaces and port mapping, WAN, LAN and DMZ, WAN link and WAN port, WAN types: Routing mode and Bridge mode, Public IP Pass-through (DMZ Transparent Mode), Aggregated, Redundant, VLAN Ports and Port Mapping, Bridge-mode (one static IP) WAN link, Routing-mode WAN link and Bridge-mode (multiple static IP) WAN link.
  • Description about default rule was added to Firewall section. See Firewall.

Document enhancements

  • A note about accessing to WebUI through WAN ports was added, see Connecting to the Web UI and the

CLI.

FortiWAN 4.2.7 l None FortiWAN 4.2.6 l None FortiWAN 4.2.5

l Content of section Performance in How the Tunnel Routing Works was enhanced by adding two subsections, Throughput of bidirectional TR transmission and Persistent Route in Tunnel Routing. A description about configuring for better bidirectional TR transmission was added in Tunnel Routing Setting.

FortiWAN 4.2.4 l None

FortiWAN 4.2.3 l Content about how to enhance Tunnel Routing performance was added to section Performance in How the Tunnel Routing Works and section Tunnel Group in Tunnel Routing – Setting.

  • Content about a new system parameter generic-receive-offload-<port> of CLI command sysctlwas added in Console Mode Commands, and the other content of command sysctl was enhanced.
  • Content about DHCP options 43 (Vender Specific Information) and 66 (TFTP Server Name) was added to section DHCP in Automatic addressing within a basic subnet.
  • Content about the new filter item Input Port was added to section Inbound & Outbound IPv4/IPv6 Filter

in Bandwidth Management.

  • Content about aggregated port in Configurations for VLAN and Port Mapping was updated, and the other content was enhanced also.
  • Content about supporting wildcard for A/AAAA records and dot characters for other resource records was added in Inbound Load Balancing and Failover (Multihoming), and the other content was enhanced also.
  • Content of Parameter of section Configurations in Outbound Load Balancing and Failover (Auto Routing) was updated.
  • Content about a new measure Round Trip Time (RTT) was added to section Tunnel Health Status in Tunnel Status.
  • Content of Load Balancing Algorithms was enhanced. l Content of Optimum Route Detection was enhanced.

FortiWAN 4.2.2 l None FortiWAN 4.2.1

  • A garbage character R at the leftmost position of the topic line “Define routing policies for an IPSec VPN” in page 198 was removed.

FortiWAN 4.2.0 l New page “Automatic addressing within a basic subnet” was added for the new features DHCP Relay

and static addressing by client identifier. Related pages “LAN Private Subnet”, “Configurations for a WAN link in Routing Mode” and “Configurations for a WAN link in Bridge Mode: Multiple Static IP” were enhanced.

  • New topic “IPSec” and new page “Statistics > IPSec” were added for new feature IPSec. Related pages “Log > View”, “Log > Log Control”, “How the Tunnel Routing Works” and “Tunnel Routing – Setting” were enhanced.
  • Content of “Bandwidth Management” was updated for a behavior change – visibility to Tunnel Routing traffic. A new page “Traffic Statistics for Tunnel Routing and IPSec” was added for this.
  • Content of “Administration” was updated in sections “Administrator and Monitor Password” and “Configuration File” for updated features – allowing change personal password by Monitor account and performing synchronization to slave unit after configurations are restored on master unit. l The description of the account “maintainer” in “Connecting to the Web UI and the CLI” was removed.
  • Content of “Optimum Route Detection”, “DNS Proxy”, “Configurations for VLAN and Port Mapping”, “Internal DNS”, “Set DNS server for FortiWAN”, “FortiWAN in HA (High Availability) Mode” and “Inbound Load Balancing and Failover (Multihoming)” was enhanced.

FortiWAN 4.1.3

  • A section describing log format was added in “Log > View”.

FortiWAN 4.1.2 l Content of “Global Settings: IPv4 / IPv6 PTR Record” in “Inbound Load Balancing and Failover (Multihoming)” was changed.

FortiWAN 4.1.1 l Content was added to “Console Mode Commands” for the new CLI command shutdown.

  • Requirement of License Key was removed from section Firmware Upgrade in “FortiWAN in HA (High Availability) Mode” and “Administration”.
  • Two deployment scenarios were added to “Tunnel Routing > Scenarios”.
  • Correspondent MIB fields and OIDs were added to “FortiWAN in HA (High Availability) Mode”, “Summary”, “Administration” and “Network Setting > MIB fields for WAN links and VLANs”. l Content of “SNMP” and “Notification” was enhanced.
  • Content of “Statistics > WAN Link Health Detection” was enhanced.

FortiWAN 4.1.0 l Content was added to “Scope”, “Default Port Mapping”, “FortiWAN in HA (High Availability) Mode”, “Connecting to the Web UI and the CLI”, “Configurations for VLAN and Port Mapping” and “Summary” for the new model FortiWAN-VM.

  • Content of “Administration > License Control” was updated for new bandwidth capabilities that FortiWAN supports.
  • Content was added to “Notification” for the support to notify via secure SMTP. l Content was added to “Statistics > Connection Limit” for the Abort function.
  • Content was added to “Multihoming” for the support to evaluate an A record query by its IPv6 source and an AAAA record query by its IPv4 source.
  • Content of “Configurations for a WAN link in Bridge Mode: One Static IP” and “Configurations for a WAN link in Bridge Mode: Multiple Static IP” was updated for supporting IPv6 default NAT rule.
  • Content of “Administration > Firmware Update” and “FortiWAN in HA (High Availability) Mode” was updated for the new firmware update mechanism under HA deployment.

Document enhancements

  • For the new features that Reports supports, new topics “Dashboard”, “Reports Settings”, “Reports

Settings > Reports”, “Reports Settings > IP Annotation”, “Reports Settings > Dashboard Page Refresh Time”, “Reports Settings > Email Server” and “Reports Settings > Disk Space Control” were added , and content of “Reports” and “Create a Report” was updated.

  • Content was added to “Using the Web UI” for the support to evaluate traffic by its Input Port.
  • For the new CLI command arp and enhanced command resetconfig, correspondent content was

added and updated to “Console Mode Commands”.

  • Content of “Connecting to the Web UI and the CLI”, “Administration > Administrator and Monitor Password” and “Appendix A: Default Values” for the updated local authentication mechanism. l Content was added to “Using the Web UI” for supporting concurrent multiple logins.
  • The parameters of CLI command sysctl were fixed from “sip_helper” and “h323_helper” to “siphelper” and “h323-helper” (See “Console Mode Commands”).

FortiWAN 4.0.6 l None FortiWAN 4.0.5 l None

FortiWAN 4.0.4 l Content was enhanced for Reports > Session (See “Reports > Session”).

  • Content was enhanced for Virtual Server (See “Load Balancing & Fault Tolerance” and “Virtual Server” ) and Persistent Routing (See “Persistent Routing”). FortiWAN 4.0.3
  • Revision 2
  • Topic “Web UI and CLI Overview” was reorganized and content was enhanced on connecting to Web UI and CLI (See “Connecting to the Web UI and the CLI”), Web UI operations (See “Using the web UI”) and CLI commands (See “Console Mode Commands”).
  • Content was enhanced on account management, RADIUS, and firmware update (See

“Administration”).

  • Content was enhanced for NAT, NAT default rule in pages “NAT”, “Configurations for a WAN link in Routing Mode”, “Configurations for a WAN link in Bridge Mode: Multiple Static IP” and “Configurations for a WAN link in Bridge Mode: One Static IP”.
  • Content was enhanced for the state of peer information in page “Summary”.
  • A new topic “Reports Database Tool” was added, and Reports related topics are enhanced (See “Reports Database Tool”, “Reports”, and “Enable Reports”).
  • Revision 1 l Add a new page “Default port mappings” in section “How to set up your FortiWAN > Planning the network topology”.
  • Content was changed and enhanced for pages “Configurations for VLAN and Port Mapping”, “WAN, LAN and DMZ”, “WAN link and WAN port” and “Configuring your WAN”.
  • Content was changed and enhanced for Tunnel Routing. New subsections were added “GRE Tunnel”, “Routing”, “How the Tunnel Routing Works”. Subsections were enhanced “Tunnel Routing – Setting” and “Tunnel Routing – Benchmark”.

FortiWAN 4.0.2

  • A note about the restrictions on duplicate configurations of group tunnel was added in Tunnel Routing.
  • Content was enhanced for Multihoming in sections “Prerequisites for Multihoming”, “DNSSEC Support”, “Enable Backup”, “Configurations”, “Relay Mode”and “External Subdomain Record”.
  • Content was changed and enhanced for WAN Link Health Detection and FortiWAN in HA (High

Availability) Mode.

  • A typographical error in Introduction > Scope was fixed.

FortiWAN 4.0.1

  • The default username to login to Command Line Interface (Console Mode) was fixed from

“administrator” to “Administrator” in Using the web UI and the CLI and Appendix A: Default Values.

  • The reference for information on console command in Administration > Maintenance was fixed from “Appendix A: Default Values” to “Console Mode Commands”.

 


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in Administration Guides, FortiWAN and tagged on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.