Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
James_G
Contributor III

FortiOS 6.0.9 is out

3 Solutions
simonpt
New Contributor III

ValentinoD wrote:

 

Did you experience any more issues after the last update? Did the issue that you were seeing in 6.0.8 only see for RDP coming from SSLVPN?

 

Still seeing the occasional issue with RDP over SSL VPN in 6.0.9, but not nearly as often.

 

ValentinoD wrote:

We are thinking of going to 6.0.9, and while we do not have any SSL VPN on Fortigate, we do have RDP sessions going over IPSec VPN tunnels or other directly connected links.

 

If you don't use SSL VPN, you'll be fine. RDP works okay over IPsec and other links.

View solution in original post

simonpt
New Contributor III

Another issue with 6.0.9 (and perhaps earlier versions) is where a client browsing securely to a FGT virtual server will get disconnected as soon as they send a ClientHello. This isn't reproducible on all our standard virtual servers -- only on one that I'm experimenting on with some advanced features enabled.

 

Further analysis shows that the wad process is crashing. The TAC engineer matched this to a known bug (590039) and advised me that it has been fixed in 6.2.3. When I asked if it would be backported to 6.0, I was told no, it won't, and to upgrade to 6.2.3. I've asked for an explanation on why it won't be backported and haven't heard yet. That was over three weeks ago.

 

According to Fortinet's product life cycle, FOS 6.0's engineering support doesn't end until 29 March 2021. If a daemon is crashing, I don't understand why they don't fix it. I'm certainly not keen to upgrade to a new version like 6.2 just yet.

View solution in original post

Sebastiaan_Koopmans

After upgrading it looks like (currently investigation) that we have random connectivity issues to on premise Exchange servers. They loose connection/outlook freezes sometimes with no reason.

 

Tonight we have downgraded to 6.0.8 to see if this the cause.

Keep you updated

FortiAnalyzer / 6.4.0

FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6

FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0

FortiWeb VM / 6.3.2

FortiManager VM / 6.4.0

View solution in original post

21 REPLIES 21
NeilG

Maybe instead of SSLVPN to RDP you could use SSLVPN to Windows Admin (https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/overview).

 

Doesn't cover all of the remote workloads, but might cover enough for you.

 

:)

jim3cantos

Another issue is commented in the "parallel" thread at Reddit:

We upgraded today. We are having timeout issues with fortiguard when set to https and had to switch it to udp. Have a ticket open with TAC. So far, https on port 53 or 8888 we get random timeouts when doing a fortiguard url lookup. Switching it to UDP on 8888 appears to fix it, but im guessing this leaves us vulnerable....

 

José Ignacio Martín Jiménez