FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
In FortiGate broadcast traffic is handled by multicast policy instead of normal firewall policy.
By default there is only multicast address in 'config firewall multicast-address', to allow broadcast to pass through the FortiGate you need to configure broadcast address and apply it into multicast-policy.
config firewall multicast-address edit "all" set start-ip 220.127.116.11 set end-ip 18.104.22.168 next end
1. Configure broadcast forwarding on interface:
config system interface edit internal set broadcast-forward enable next edit wan1 set broadcast-forward enable end
2. Configure broadcast address:
config firewall multicast-address edit "allbroadcast" set type broadcastmask set subnet 255.255.255.255 255.255.255.255 end
3. Configure multicast policy:
config firewall multicast-policy edit 1 set srcintf "any" set dstintf "any" set srcaddr "all" set dstaddr "allbroadcast" next end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.