- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Questions - FG30E and FG50E logging/DMZ + HR4860W ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Questions - FG30E and FG50E logging/DMZ + HR4860W OEM FG-61E FortiOS compatibility
Hello Fortinet Comunity, I'm new with Fortinet products, and I'm looking a FW Fortinet (with VPN site-site and DMZ capabilities) as starting point for learn implementing and administering platforms like Fortigate 2000E (v6.2.3 build 1066), and searching into datasheets and FortiOS 6.2.3 supported platforms, I have the following questions:
1) Regarding lack of local logging and reporting capabilities of FG30E and FG50E, this can be solved with any Syslog server where logs and info reporting can be exported, right?.
2) Can FG30E and FG50E support VPN site-site and DMZ (even if they haven't a dedicated DMZ interface like FG-61E)?
3) I find a HR4860W that is an OEM FG-61E, those OEM devices can support FortiOS 6.2.3 or be upgraded with any FortiOS version for FG-61E (as any other FG-61E)?.
Regards.
12 REPLIES 12
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RLED wrote:1) Regarding lack of local logging and reporting capabilities of FG30E and FG50E, this can be solved with any Syslog server where logs and info reporting can be exported, right?.
yes, they can send their logging to a syslog server or FortiAnalyzer
RLED wrote:2) Can FG30E and FG50E support VPN site-site and DMZ (even if they haven't a dedicated DMZ interface like FG-61E)?
yes, the labels on ports are usually just that, labels. exception is management port which should not be used for actual traffic.
RLED wrote:3) I find a HR4860W that is a OEM FG-61E, those OEM devices can support FortiOS 6.2.3 or be upgraded with any FortiOS version for FG-61E (as any other FG-61E)?.
no personal experience but this reddit thread says yes: https://www.reddit.com/r/...ortigate_60d_question/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For 1), or FortiCloud. With some limitations (last 7 days), it's free.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, @boneyard+@toshiesumi, thanks for your answers.
Also, I'm looking into the other platforms that support FortiOS 6.2.3 (https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/8a24425a-72a1-11ea-9384-005056...), and I find a 100-D, however, as in "Disk Logging" filed appears that could have this feature or not, one of those 100-D I'm interested shows in " get system status" command output "Log hard disk: Available", ¿Does it mean that actually support Disk logging feature?.
Regards.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think so. However, those NP4Lite NPU models are no longer supported from 6.2. 6.0.x is the last FortiOS for 60Ds.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
toshiesumi wrote:I think so. However, those NP4Lite NPU models are no longer supported from 6.2. 6.0.x is the last FortiOS for 60Ds.
Hello @toshiesumi: Do you say that even if FortiOS 6.2.3 compatibility matrix says that 60D are supported, actually Fortinet is labeling this family as EOL?.
RLED wrote:Also, I'm looking into the other platforms that support FortiOS 6.2.3 (https://fortinetweb.s3.am...X-623-202003-R31.pdf), and I find a 100-D, however, as in "Disk Logging" filed appears that could have this feature or not, one of those 100-D I'm interested shows in " get system status" command output "Log hard disk: Available", ¿Does it mean that actually support Disk logging feature?.
Also, I’m still looking for a 100D, as it’s within the FortiOS 6.2.3 compatibility matrix, however, this platform is no longer supported or next to EOL? Or, could be a good starting point for learn Fortinet and be prepared for administering models like 2000E?.
Regards.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Look a little closer to the matrix. There is no 60D listed. Only 60E, 60F, 600D, etc. The release notes says the same:
As far as I know 60D and 200D are dropped from the support by 6.2 or later because of NP4lite NPU. On the other hand 100D doesn't have NPU, only CP8. So it's still in the list as you might have noticed.
Speaking of end of life, they announce End of Support(EOS) datas for older models. If you have a support login, you can see it at the support site. But by assuming you don't, those models EOS dates are below:
100D - 2023-07-26
60D - 2023-090-23
The last support contract renewal date is a year before the EOS dates, because the shortest contract term is one year. Just note that even after EOS dates, they never stop working unless the hardware broke. You just can't have any support and you run them at your own risk.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forgot to mention, after EOS date there is no FortiGuard services, like UTM, etc.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Toshi Esumi:
toshiesumi wrote:Sure, I didn't mention the 60D in my original or latter posts, as in my initial review of 6.2.3 compatibility matrix the 60D's weren't present, actually you mentioned that platform in this thread, so I wanted to clarify:
Look a little closer to the matrix. There is no 60D listed. Only 60E, 60F, 600D, etc. The release notes says the same:https://docs.fortinet.com...n-and-supported-models
toshiesumi wrote:And my second question:
I think so. However, those NP4Lite NPU models are no longer supported from 6.2. 6.0.x is the last FortiOS for 60Ds.
RLED wrote:
Also, I’m still looking for a 100D, as it’s within the FortiOS 6.2.3 compatibility matrix, (…), could be a good starting point for learn Fortinet and be prepared for administering models like 2000E?.
I still want to know if in your experience, 100D is a good starting point for learn Fortinet, and be prepared for administering models like 2000E.
Regards.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
it is a fine starting point, in all honesty for learning any model is fine. you are not going to get a serious benefit from 60E vs 100D or 60D vs 100D or ... there are small differences but most is the same.
but that but as mentioned just be aware that the latest available is already not possible on the 100D, so you will get more then enough out of it for the next year, perhaps two depending on how fast your production environment is going to move forward with firmware.
personally i wouldn't buy D series for a lab / learning now, i would go for at least E series. but again if you really need something now and the budget only allows D series you will be fine. also keep in mind what you buy probably comes without active UTM licence so you will be missing some functionality there if that is enabled in production.
Related Posts
- Flow-based and proxy-based inspection explanation needed 284 Views
- Discontinuation of FCNSP ERC codes for... 155 Views
- NAT traversal fixed broken BGP ? 166 Views
- Enable Feature Select in FortiClientEMS 117 Views
- FortiEDR 218 Views
Labels
-
FortiGate
6,457 -
FortiClient
1,290 -
5.2
801 -
5.4
639 -
FortiManager
562 -
6.0
416 -
FortiAnalyzer
411 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
68 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
BGP
11 -
DNS
11 -
Interface
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.