Skip to main content
Alienated
Alienated
New Member
March 29, 2018
Question

Fortigate 300D 5.6.0 > 5.6.3

  • March 29, 2018
  • 1 reply
  • 2568 views

I am looking to upgrade the firmware on my 300D and have been reading through the release notes. There is one section I am hoping to get some clarification on.

 

Under the Upgrade Information section there is a little note:

 

After upgrading, if FortiLink mode is enabled, you must manually create an explicit firewall policy to allow RADIUS traffic for 802.1x authentication from the FortiSwitch (such as from the FortiLink interface) to the RADIUS server through the FortiGate.

 

I have fortilink mode enabled but I haven't configured any 802.1x settings at all. We have a FortiAuthenticator that we use for SSL-VPN but otherwise I don't believe we are using the RADIUS server for anything else.

 

Has anyone else had issues with the upgrade in regards to these settings? What did you have to do and what did your policy look like.

 

Any help or advice would be greatly appreciated.

 

Our network is fairly small, only about 100 users with around 8 switches.

    1 reply

    ericli_FTNT
    Staff
    ericli_FTNT
    Staff
    March 29, 2018

    BBOUCHER wrote:

    I am looking to upgrade the firmware on my 300D and have been reading through the release notes. There is one section I am hoping to get some clarification on.

     

    Under the Upgrade Information section there is a little note:

     

    After upgrading, if FortiLink mode is enabled, you must manually create an explicit firewall policy to allow RADIUS traffic for 802.1x authentication from the FortiSwitch (such as from the FortiLink interface) to the RADIUS server through the FortiGate.

     

    I have fortilink mode enabled but I haven't configured any 802.1x settings at all. We have a FortiAuthenticator that we use for SSL-VPN but otherwise I don't believe we are using the RADIUS server for anything else.

     

    Has anyone else had issues with the upgrade in regards to these settings? What did you have to do and what did your policy look like.

     

    Any help or advice would be greatly appreciated.

     

    Our network is fairly small, only about 100 users with around 8 switches.

    Hi there,

     

    The potential reason of that issue is because FortiAuthenticator is moving down to FSW. So for allowing traffic passing from fortilink to the gateway port of the FGT, you would need to configure an explicit firewall policy from the fortilink interface, to allow Radius traffic.

    Terms & ConditionsAccessibility statement