FortiGate wireless controller What’s new in FortiOS Version 4.0 MR1
FortiGate Version 4.0 MR1 Administration Guide
44 01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
Force UTF-8 login
To facilitate authentication with some LDAP servers, the login credentials must use UTF-8
encoding. Enable this as follows:
config vpn ssl settings
set force-utf8-login enable
end
FortiGate wireless controller
Most FortiGate units, but not FortiWiFi models, can act as a wireless network controller,
managing the wireless Access Point (AP) functionality of FortiWiFi units. All units must be
running the most FortiOS 4.0 MR1 firmware.
For more information, see “Wireless Controller” on page 703.
Interface status detection for gateway load balancing
FortiOS 4.0 MR1 interface status detection now includes enabling up to three different
protocols to confirm that an interface can connect to the IP address of a server. Usually
the server is the next-hop router that leads to an external network or the Internet.
For more information, see “Interface status detection for gateway load balancing” on
page 193.
Enhanced ECMP route failover and load balancing
Previous versions of FortiOS provided source IP-based load balancing for ECMP routes.
FortiOS 4.0 MR1 includes three configuration options for ECMP route failover and load
balancing:
For more information, see “ECMP route failover and load balancing” on page 344.
SCEP extensions
FortiOS 4.0 MR1 supports automatic update of system certificates. When a certificate is
about to expire, the FortiGate unit uses SCEP to request and download a new certificate.
This applies to both Local and CA certificates. You can also configure periodic updating of
a Certificate Revocation List (CRL).
Source based
(also called
source IP based)
The FortiGate unit load balances sessions among ECMP routes based on the
source IP address of the sessions to be load balanced. This is the default load
balancing method. No configuration changes are required to support source IP
load balancing.
Weighted (also
called
weight-based)
The FortiGate unit load balances sessions among ECMP routes based on
weights added to ECMP routes. More traffic is directed to routes with higher
weights.
Spill-over (also
called
usage-based)
The FortiGate unit distributes sessions among ECMP routes based on how busy
the FortiGate interfaces added to the routes are.
After selecting spill-over you add route Spillover Thresholds to interfaces added
to ECMP routes. The FortiGate unit sends all ECMP-routed sessions to the
lowest numbered interface until the bandwidth being processed by this interface
reaches its spillover threshold. The FortiGate unit then spills additional sessions
over to the next lowest numbered interface.
The Spillover Thresholds range is 0-2097000 KBps.
To Next Page
Loading...
Need help?
General