Logging and Reporting

Logging and Reporting   New Features A new error log message is recorded when the Antispam engine request does not get a response from FortiGuard (265255) Error code is ‘sp_ftgd_error‘.   New Report database construction (280398 267019) This will improve performance with reports and FortiView without requiring any configuration changes.   Communication between FortiGate and […]

Load Balancing

Load balancing ChaCha20 and Poly1305 cipher suites added for SSL load balancing (264785) FortiOS 5.4 adds support for ChaCha20 and Poly1305 for SSL load balancing (see RFC 7539 for information about ChaCha20 and Poly1305). You can use the following command to view the complete list of supported cipher suites:   config firewall vip edit <vip-name> […]

IPv6

IPv6   DHCPv6 server is configurable in delegated mode (295007) Downstream IPv6 interfaces can receive address assignments on delegated subnets from a DHCP server that serves an upstream interface.   DHCPv6-PD configuration Enable DHCPv6 Prefix Delegation on upstream interface (port10): config system interface edit “port10” config ipv6 set dhcp6-prefix-delegation enable end end   Assign delegated […]

IPsec VPN

IPsec VPN   IKE/IPsec Extended Sequence Number (ESN) support (255144) This feature implements negotiation of 64-bit Extended Sequence numbers as described in RFC 4303, RFC 4304 as an addition to IKEv1, and RFC 5996 for IKEv2.   Updates and enhancements to the IPsec VPN wizard (222339 290377 287021 289251) The IPsec VPN wizard has been […]

High Availability

High Availability FGCP supports BFD enabled BGP graceful restart after an HA failover (255574) If an HA cluster is part of a Border Gateway Protocol (BGP) bidirectional forwarding detection (BFD) configuration where both the cluster and the BGP static neighbor are configured for graceful restart, after an HA failover BGP enters graceful restart mode and […]