Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
wcruvinel
Staff
Staff

Created on ‎04-29-2025 04:09 AM Edited on ‎04-29-2025 05:21 AM By Community Manager

Article Id 389751

Technical Tip: Device authorization limit when using FortiGate with 2 GB RAM as Fabric Root

Description

This article describes the new device authorization limit introduced for FortiGate models with 2 GB RAM when acting as the Security Fabric Root.

 

Starting from FortiOS enhancements aimed at reducing memory usage, FortiGate models with 2 GB of RAM are now limited to managing a maximum of five (5) downstream devices when configured as the Fabric Root.
This change is intended to maintain system stability and security for devices with lower memory resources.
Scope FortiGate models with 2 GB RAM (e.g., 40F, 60E, 60F, 80E, and 90E series).
Solution

When using FortiGate low-end devices (2 GB of RAM) as the Security Fabric Root, there is a limit of five authorized devices.
This includes all devices connected to and managed by the Fabric, such as FortiSwitches, FortiAPs, FortiExtenders, and downstream FortiGates.

 

The affected models include:

  • FortiGate-40F series.
  • FortiGate-60E series.
  • FortiGate-60F series.
  • FortiGate-80E series.
  • FortiGate-90E series.

 

The five-device limit applies only when a low-end FortiGate is configured as the Security Fabric Root, and the downstream devices are not impacted by this restriction.
For the necessity to manage more than five devices, it is necessary to upgrade to a mid-range model such as the FortiGate 100F series (or later), which does not have this limitation.
This restriction was introduced to ensure the stability and security of smaller FortiGate models, where memory capacity is more limited.

 

See the following related documents about restrictions, optimization options to improve performance, and a table listing all models to help identify a suitable mid-range FortiGate for replacing low-end devices:

Configuring the root FortiGate and downstream FortiGates

Administrative settings

Technical Tip: Script for reducing memory usage in small FortiGates experiencing conserve mode

Technical Tip: Security Fabric disabled after upgrade to FortiOS v7.2.6 or v7.4.1 and above

FortiGate models with 2 GB RAM can be a Security Fabric root
653
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.