Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Alby23
Contributor II
1 Solution
wcbenyip
New Contributor III

I just upgraded our box (200D, 100D, 80CM..) with the latest v5.6.0, and also upgraded the FA with the latest v5.4.2 (it needs to rebuild the DB for 2 days..) Everything seems good and the IPSec VPN, SSLVPN without any dropping after the upgrading.

 

I noticed that the "Threat Map" in v5.4.4 is gone once upgraded to v5.6.0... even it's somehow a gimmick, but it's nice if can keep in v5.6~

 

The Physical / Logical Topology is nice but I found it recognized the host in the wrong side... like an internal host located at the side of WAN1... I am not sure but I set the role as LAN for internal ports and the DMZ...

 

For the CSF (Cooperative Security Fabric).. seems I have to enable the FortiTelementry on interfaces and must to use OSPF rather than static routing.... still not yet fully experience the benefit / beauty of Security Fabric....

Protect yourself~ http://www.secunia.com MBCS CEH FCNSA

View solution in original post

23 REPLIES 23
BWiebe
Contributor

Gotta be a brave soul to have that on anything but a test box, for a few patch levels, anyways.

Alby23
Contributor II

The FortiView functionality related to Physical and Logical Topology is awesome now.

AP and Switches seen as access devices and so on. Really good shot.

emnoc
Esteemed Contributor III

I would  try it but I see they silenltly drop the FWF60D model but the FGT60D is on the supported device list.

 

Ken

PCNSE 

NSE 

StrongSwan  

dedmonds_FTNT

The FWF-60D is a supported model.  It was accidentally missed in the release notes.  An updated copy will be posted today - March 31, 2017.

Alby23

There is an ETA for FortiAnalyzer 5.6.0 GA?

 

It is mandatory in order to efficiently try the Security Fabric.

NotMine

I hope that DDNS can finally discover when public IP changes on the ISP router's public interface, as tech support promised me. One of our customers was waiting for 5.6 just for this.

 

And I must say once again: GUI is just hideous and still has that "unfinished" feel to it, just like it did in version 5.4.0. I can't understand why so little attention is given to this.

NSE 7

All oppinions/statements written here are my own.

neonbit
Valued Contributor

Upgraded my FG800C and it's been humming away nicely. No problems with SSLVPN (FortiClient 5.6beta) and IPSEC VPNs (FG 5.4.4) so far.

 

The memory utilization dropped so much, was at 50% with normal traffic and now it's at 25%.

MikePruett
Valued Contributor

Did they fix the bug where if you put a block at the very top in NGFW mode it nukes the allows beneath?

 

IE, block porn as the very first policy but allows beneath it don't work either.

Ron_Uss
New Contributor III

Nice,... I'm testing it on my FWF-50E. But, where is FG200/201E?

NSE8 #3111