Fortinet Forum
storaid
Contributor

FortiOS v5.6.1 is released...!!

well...

after a long time, now it's out...

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

6 Solutions
storaid
Contributor

annoying bug..

JSON string....=^=


emnoc
Esteemed Contributor III

Other problems noted in 5.6

1: the diag debug flow show console enable is missing as an option

2: still can NOT upload an x509 certificate via GUI (pkcs12 or via pem cert+key)

3: a valid self-signed certificate for admin GUI access does NOT work, no matter how or what type of certificate we try to craft (standard, wildcard or SAN), if we paste it in via the CLI "config vpn certificate local"

More to come ;)

PCNSE 

NSE 

StrongSwan  


emnoc
Esteemed Contributor III

Again my FWF60D has hung up. We thought it crashed but come to find out the HTTP process is hung. Since this is a remote hosted FW, I'm downgrading... Sorry but v5.6.1 is a no-go for me ;(


storaid

inexplicable radius server test:


pcraponi
Contributor II

Maybe it's a database migration? Have you tried to format log-disk?

Regards, Paulo Raponi


thuynh_FTNT

keij wrote:

I can not see Local traffic (Fortigate's self traffic) in FortiView of ver5.6.1. In 5.2 were able to see the fortigate local traffic. Is it no longer visible in the 5.6 series?

Hi Keij, that is correct. We do not show local traffic in FortiView starting 5.6.0


102 REPLIES
keij

Hi Keij, that is correct. We do not show local traffic in FortiView starting 5.6.0

Thank you thuynh_FTNT.

I hope that function will be revived at the next revision.

hop_FTNT

Hi Andy,

"Xfer-fas" refers to FortiCloud. This message means FGT tried to submit files to FortiCloud based on Analytics config in AV profile. Please note, every day a free FortiSandbox account can submit ONLY 10 files to FortiCloud. The rest of the files will be dropped. I guess that is the reason you see the log every 10 minutes.

Would you please provide a full log entry, AV profile config, and FortiCloud account info, if you need further investigation.

Andy Bailey wrote:

One is this system log:-

"5 files were dropped by quard to xfer-fas: 0 reached max retries, 5 reached TTL." with a reason of "poor-network-condition"

These messages are occurring every 10 minutes and have been since the upgrade. There were no changes in config before the upgrade and I wasn't seeing this message previously. A bit of googling and searching these forums suggests it may relate to FortiAnalyzer, but I don't have one, so this seems unlikely. Everything else is running well so I don't think this message relates to WAN connectivity. Any ideas anyone?

andrewbailey

hop wrote:

Hi Andy,

"Xfer-fas" refers to FortiCloud. This message means FGT tried to submit files to FortiCloud based on Analytics config in AV profile. Please note, every day a free FortiSandbox account can submit ONLY 10 files to FortiCloud. The rest of the files will be dropped. I guess that is the reason you see the log every 10 minutes.

Would you please provide a full log entry, AV profile config, and FortiCloud account info, if you need further investigation.

Andy Bailey wrote:

One is this system log:-

"5 files were dropped by quard to xfer-fas: 0 reached max retries, 5 reached TTL." with a reason of "poor-network-condition"

These messages are occurring every 10 minutes and have been since the upgrade. There were no changes in config before the upgrade and I wasn't seeing this message previously. A bit of googling and searching these forums suggests it may relate to FortiAnalyzer, but I don't have one, so this seems unlikely. Everything else is running well so I don't think this message relates to WAN connectivity. Any ideas anyone?

Thanks for the reply.

I don't think that is the issue here.

I wasn't sending anything to FortiSandbox immediately after the upgrade to 5.6.1 and was still seeing the alarms. And I do have a fully paid FortiCloud account which supports FortiSandbox.

A few days after the upgrade to 5.6.1 I updated my AV profiles to start sending to FortiSandbox; that's working fine now with more than 10 files per day being happily sent and analysed.

I'll try and collect the info you are after later, but my FortiCloud (FortiSandbox) account uses the same details (email etc) as I use here if you want to take a look.

Kind Regards,

Andy.

brycemd

rojekj wrote:

More annoying bug is that the sslvpn service keeps restarting, breaking all active vpn connections.

THIS FIRMWARE IS SERIOUSLY BUGGY. Unusable for people using SSL VPN.

Man.. Do all new versions of FortiOS need to have bugs that make them unusable? EVERY?!

No, seriously, now I'm pissed. It has been over a year since we have had Forti, and we still cannot use it because every new firmware has some serious bug.

Are you by chance using port 4433?

rojekj
New Contributor III

brycemd wrote:

rojekj wrote:

More annoying bug is that the sslvpn service keeps restarting, breaking all active vpn connections.

THIS FIRMWARE IS SERIOUSLY BUGGY. Unusable for people using SSL VPN.

Man.. Do all new versions of FortiOS need to have bugs that make them unusable? EVERY?!

No, seriously, now I'm pissed. It has been over a year since we have had Forti, and we still cannot use it because every new firmware has some serious bug.

Are you by chance using port 4433?

Nope, I'm using 443. I have read release notes very carefully before upgrading and I was aware not to use 4433...

But anyway, changing port is something that won't happen in 800+ users environment. What, reconfigure everyone's FortiClient? :D

MikePruett
Valued Contributor

Loaded on my personal 61E. So far so good. Fixes a lot of bugs but does still maintain some of the annoying ones I REALLY wish would go away.

thuynh_FTNT

MikePruett wrote:

Loaded on my personal 61E. So far so good. Fixes a lot of bugs but does still maintain some of the annoying ones I REALLY wish would go away.

Hi Mike, can you elaborate (with bug number if you have)? We can review those cases.

rojekj
New Contributor III

Another issue - cannot sync HA cluster in active-passive mode. Slave device always shows out of sync.

This is just too much for me. I've downgraded to 5.6.0, as this one has bugs that I can live with...

hop_FTNT
Staff

@Andy Bailey @SMabile @brycemd @bommi Send "Suspicious Files Only" option is always available in CLI. It has not been available on GUI when creating a new AV profile since 5.4.1. However, if you turn it on from CLI, GUI will still display it.

BTW, the GUI behavior, where an option is shown on GUI only after it is configured from CLI, is adopted in some FOS GUI pages. For example, in proxy mode vdom, when a new AV profile is created on GUI, you WON'T be able to see Inspection Mode option and Scan Mode option. Inspection Mode option and Scan Mode option start to be shown on GUI once inspection-mode is explicitly set to flow from CLI.