FortiGate
satoh
Staff
Article Id 360037
Description

This article explains that setting 'broadcast-forward disable' has no effect in Transparent Mode.

Scope

FortiGate v6.2, v6.4, v7.0 and v7.2.

Solution

By design, from v6.2 onward the 'broadcast-forward' attribute under 'config system interface' is not used in Transparent Mode.

The 'broadcast-forward' attribute is for NAT mode only.

Example:

  • From CLI:

FGT-1 (global)# show system interface wan1
config system interface
    edit "wan1"
        set vdom "vdom-a"
        set allowaccess ping https ssh http     <----- broadcast-forward is set to disable by default.
        set l2forward enable
        set type physical
        set snmp-index 13
    next
end

FGT-1 (wan1)# get | grep broadcast-forward
broadcast-forward : disable

FGT-1 (global)# show system interface wan2
config system interface
    edit "wan2"
        set vdom "vdom-a"
        set allowaccess ping https ssh http     <----- broadcast-forward is set to disable by default.
        set l2forward enable
        set type physical
        set snmp-index 15
    next
end

FGT-1 (wan2)# get | grep broadcast-forward
broadcast-forward : disable

Send broadcast traffic from a user to the FortiGate. The FortiGate forwards the broadcast traffic to its other interfaces, as the following packet capture shows:

2024-11-26 16:30:39.382242 wan2 in 10.130.78.3.12345 -> 10.130.78.255.137: udp 0   <----- FortiGate receives broadcast traffic from a user.
0x0000   ffff ffff ffff 000c 2954 11a4 0800 4500        ........)T....E.
0x0010   001c 0001 0000 4011 c8ca 0a82 4e03 0a82        ......@.....N...
0x0020   4eff 3039 0089 0008 1d16                       N.09......

2024-11-26 16:30:39.382296 wan1 out 10.130.78.3.12345 -> 10.130.78.255.137: udp 0  <----- FortiGate forwards the broadcast traffic even though broadcast-forward is disabled.
0x0000   ffff ffff ffff 000c 2954 11a4 0800 4500        ........)T....E.
0x0010   001c 0001 0000 4011 c8ca 0a82 4e03 0a82        ......@.....N...
0x0020   4eff 3039 0089 0008 1d16                       N.09......
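
To check a longer sniffer capture for the behaviour shown above, the following added example (not part of the original article or of Fortinet's tooling) parses the hex dump and reports every Ethernet broadcast frame that arrives on one interface and leaves unchanged on another. The function names are hypothetical, and the regular expressions assume the line layout seen in this capture.

```python
import re

# Sniffer output copied from the capture above, with the "<-----" notes removed.
CAPTURE = """\
2024-11-26 16:30:39.382242 wan2 in 10.130.78.3.12345 -> 10.130.78.255.137: udp 0
0x0000   ffff ffff ffff 000c 2954 11a4 0800 4500        ........)T....E.
0x0010   001c 0001 0000 4011 c8ca 0a82 4e03 0a82        ......@.....N...
0x0020   4eff 3039 0089 0008 1d16                       N.09......

2024-11-26 16:30:39.382296 wan1 out 10.130.78.3.12345 -> 10.130.78.255.137: udp 0
0x0000   ffff ffff ffff 000c 2954 11a4 0800 4500        ........)T....E.
0x0010   001c 0001 0000 4011 c8ca 0a82 4e03 0a82        ......@.....N...
0x0020   4eff 3039 0089 0008 1d16                       N.09......
"""

# Assumed line layout: "<date> <time> <interface> <in|out> ..." then hex rows.
HEADER = re.compile(r"^\S+ \S+ (\S+) (in|out) ")
HEXROW = re.compile(r"^0x[0-9a-f]{4}\s+((?:[0-9a-f]{2,4} ?)+)")

def parse_frames(text):
    """Return (interface, direction, raw_frame_bytes) for each captured packet."""
    frames = []
    for line in text.splitlines():
        head, row = HEADER.match(line), HEXROW.match(line)
        if head:
            frames.append([head.group(1), head.group(2), b""])
        elif row and frames:
            frames[-1][2] += bytes.fromhex(row.group(1))
    return [tuple(f) for f in frames]

def dst_ipv4(frame):
    """Destination IPv4 address of an untagged Ethernet II frame, else None."""
    ok = len(frame) >= 34 and frame[12:14] == b"\x08\x00"
    return ".".join(str(b) for b in frame[30:34]) if ok else None

def forwarded_broadcasts(frames):
    """(in_if, out_if, dst_ip) for each broadcast frame that is received on one interface and sent unchanged on another."""
    hits = []
    for in_if, in_dir, data in frames:
        if in_dir != "in" or data[:6] != b"\xff" * 6:  # broadcast MAC only
            continue
        for out_if, out_dir, sent in frames:
            if out_dir == "out" and out_if != in_if and sent == data:
                hits.append((in_if, out_if, dst_ipv4(data)))
    return hits

if __name__ == "__main__":
    for hit in forwarded_broadcasts(parse_frames(CAPTURE)):
        print("broadcast forwarded: %s -> %s (dst %s)" % hit)
```

An empty result on a capture that contains inbound broadcasts means those frames were not seen leaving another interface.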