bommi
Contributor III
2 Solutions
cryptochrome

Wow, this release is a true bug fest. I don't even know where to begin.

 

[ul]
  • DNAT Static NAT without port forwarding (e.g. 1:1 NAT) not working, broken
  • Enable a rule with URL Filtering: Firewall doesn't forward traffic for other rules (packets disappear in Nirvana)
  • Rule with URL Filtering set to DENY logs completely unrelated allowed traffic (it logs session close for allowed traffic of other rules)
  • Web Filter log is not working (it logs nothing) - blocked/allowed URLs appear in App Filter log instead[/ul]

     

    Those are just a few things that I noticed. 

    Arent's they ashamed of themselves putting something like that out in the wild? I would be.

  • View solution in original post

    SecurityPlus

    Yes, we encountered these two issues on a FortiGate 60E. In spite of my previous statement, I think that both errors occurred on the same firewall. We upgraded another ForthGate 60D with no other problems noted.

     

    1. Log & Report / System Events / Application crashed

    application: ipsengine 04.021

    I was told that this has been reported in bug id: 0506672 and that this requires an upgrade to the IPS engine to version 4.0023

    I made the upgrade to 4.0023 but prior to the upgrade the system event crashes stopped appearing

    No further issues with this issue have been noticed

     

    2. https://www.gotoassist.me certificate warning. Using deep inspection. Forti_ssl certificate was installed on the browser. The certificate for this website was signed by Fort_CA_untrusted. I was told that the Fortiguard team is working on the certificate bundle. They are saying it will be added in certificate bundle 1.00013.

    I was told that I could run:

    You can run the following command to update your bundle : execute update-now To check if it is updated then run diagnose autoupdate versions

    I have not tested this issue further.

     

    No additional issues with 6.0.2 noticed.

    View solution in original post

    25 REPLIES 25
    emnoc
    Esteemed Contributor III

    Logging stop on 6.0.2 { syslog }, was force to reboot and all is okay now.

     

    PCNSE 

    NSE 

    StrongSwan  

    pabloalcantara

    SecurityPlus wrote:

    Yes, we encountered these two issues on a FortiGate 60E. In spite of my previous statement, I think that both errors occurred on the same firewall. We upgraded another ForthGate 60D with no other problems noted.

     

    1. Log & Report / System Events / Application crashed

    application: ipsengine 04.021

    I was told that this has been reported in bug id: 0506672 and that this requires an upgrade to the IPS engine to version 4.0023

    I made the upgrade to 4.0023 but prior to the upgrade the system event crashes stopped appearing

    No further issues with this issue have been noticed

     

    2. https://www.gotoassist.me certificate warning. Using deep inspection. Forti_ssl certificate was installed on the browser. The certificate for this website was signed by Fort_CA_untrusted. I was told that the Fortiguard team is working on the certificate bundle. They are saying it will be added in certificate bundle 1.00013.

    I was told that I could run:

    You can run the following command to update your bundle : execute update-now To check if it is updated then run diagnose autoupdate versions

    I have not tested this issue further.

     

    No additional issues with 6.0.2 noticed.

     

    Hi, It´s possible to you share the engine?

    I have the ticket opened, but I having serius problems..

    SecurityPlus

    ipsengine 04.021 Was the engine that I originally had issue with. Running OK last I checked.
    slawek

    How to disable the educational mode for YouTube in version 6.0.2?

    There is no switch known from the old versions.

    Salas
    New Contributor

    In 2 weeks I upgraded 15  60D firewalls to 6.0.2.

    This week 3 of them rebooted without any reason.

     

    Salas

    2 more 60d's crashed with reboot this night.