hjezzapaula
Staff
Article Id 316652
Description This article describes that FortiGate models with 2 GB RAM or less no longer support proxy-related features starting from version 7.4.4.
Scope FortiGate and FortiWiFi 40F, 60E, 60F, 80E, and 90E series of devices and their variants, and FortiGate-Rugged 60F (2 GB versions only).
Solution

To optimize memory usage on low-end FortiGate models like FortiGate and FortiWiFi 40F, 60E, 60F, 80E, and 90E, proxy-based features have been removed starting from v7.4.4.

 

It is possible to use the below command to check the FortiGate unit's total RAM.

 

[Screenshot: ram.PNG]


After the upgrade to v7.4.4:

  • Firewall policy inspection mode previously on proxy-mode will be converted to flow-mode.
  • Security-profiles previously proxy-based will be converted to flow-based.
  • Proxy-only security profiles (such as Video Filter, Inline CASB, ICAP, WAF & SSH Filter) will be removed.
  • Proxy-only features, such as ZTNA, explicit proxy, or WAN optimization, will be removed.
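
A pre-upgrade check for the policy changes listed above, as an added example that is not Fortinet's code: it scans a configuration backup for firewall policies that use proxy inspection mode or reference proxy-only profiles. The setting names (`inspection-mode`, `videofilter-profile`, `casb-profile`, `icap-profile`, `waf-profile`, `ssh-filter-profile`) and the sample backup are assumptions to verify against the running FortiOS version.

```python
# Added example: pre-upgrade audit of a FortiGate config backup (not Fortinet code).
# Keyword names below are assumptions; confirm them against your FortiOS version.
PROXY_ONLY_KEYS = {
    "videofilter-profile": "Video Filter",
    "casb-profile": "Inline CASB",
    "icap-profile": "ICAP",
    "waf-profile": "WAF",
    "ssh-filter-profile": "SSH Filter",
}

def audit_policies(config_text):
    """Return (policy_id, finding) pairs for policies the v7.4.4 upgrade changes."""
    findings = []
    in_section, depth, policy_id = False, 0, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = line == "config firewall policy"
        elif line.startswith("config "):
            depth += 1                      # nested block inside a policy
        elif line == "end":
            if depth == 0:
                in_section = False          # end of the policy table
            else:
                depth -= 1
        elif depth == 0 and line.startswith("edit "):
            policy_id = line.split(None, 1)[1]
        elif depth == 0 and policy_id and line.startswith("set "):
            _, key, *rest = line.split(None, 2)
            value = rest[0].strip('"') if rest else ""
            if key == "inspection-mode" and value == "proxy":
                findings.append((policy_id, "proxy inspection mode: converted to flow"))
            elif key in PROXY_ONLY_KEYS:
                findings.append((policy_id, f"{PROXY_ONLY_KEYS[key]} profile '{value}': removed"))
    return findings

# Constructed sample backup excerpt, not taken from a real device.
SAMPLE = '''
config firewall policy
    edit 1
        set inspection-mode proxy
        set waf-profile "web-apps"
    next
    edit 2
        set webfilter-profile "default"
    next
end
'''
```

Pass the text of a configuration backup to `audit_policies()` before upgrading; an empty result means no policy in the backup matched these checks.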


FortiGate VMs are not affected by this change.

 

For the 2 GB RAM models, after FortiOS v7.6.0, SSL VPN Tunnel Mode and Web Mode will not be available as a feature in the GUI or CLI.

 

The affected models are:

  • FortiGate-40F/FortiWiFi-40F and variants.
  • FortiGate-60F/FortiWiFi-60F.
  • FortiGate-61F/FortiWiFi-61F.
  • FortiGate Rugged-60F and variants (2 GB versions only).

 

Note:

 

In FortiOS v7.6.3, physical FortiGate devices with 2 GB of RAM received memory usage optimizations that adjust the memory used by some GUI features to ensure smooth performance and reliability. This change prioritizes device stability and reduces the risk of performance issues.

These optimizations include the removal of CLI commands for caching REST API results on FortiGate, the removal of the physical and logical topology pages and the security rating page in the Security Fabric section, and the removal of visibility in Security Fabric topologies from upstream fabric devices. For more information, see "Optimizations for physical FortiGate devices with 2 GB RAM v7.6.3".

Note: If the SSL/SSH Inspection Profile used before the upgrade is set to Full Inspection, ensure it is changed to Certificate Inspection after the upgrade; otherwise, the web filter may not function correctly.

 

Related document:

Proxy-related features no longer supported on FortiGate 2 GB RAM models 7.4.4