Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mrandrew
New Contributor II

SSH "as a service" Not Working on FortiWiFi Running 5.2.5

I use a product from Solarwinds called Cattools to automate nightly backups of the firewall configurations.  This software handles most every device on our network including Dell switches, Cisco Switches/Routers/Firewalls/Access Points, and FortiGates.  The software runs as a service on Windows Server 2008 R2.  Every night at 8PM, the schedule kicks off.  The software opens an SSH session to each device and does a Cisco equivalent of "show run" and saves the output to a file on the server.  I have 60D Fortigates running 5.0.7 and 2 800Cs in HA running 5.2.4.  All of these devices work fine.  I just deployed a FortiWiFi 60D running 5.2.5 and I cannot get this to work at all.  I contacted Solarwinds and they stated that this is documented as a bug by Fortinet.  The number they provided is 0300588.  I have support for this device, but I've been unable to get good information about this bug and when it will be fixed from support.  1.  I wondered from anyone out here if there was a secure page that customers can go to do bug research?  I can do this on Cisco's web page.  2.  If not, does anyone know anything about this.  We have to have this ability to backup the configuration for PCI compliance.  Cattools sends a report every day after the backups and will tell us if the configuration has changed.  There are some other file management things that the software does as well.

 

Thanks

 

mrandrew

Andrew

2 REPLIES 2
Toshi_Esumi
Esteemed Contributor II

I know anything about the bug. But since you mentioned it works with 800C/5.2.4, I would recommend trying 5.2.4, or even 5.2.3. Either 5.2.4 or 5.2.5 introduced a different problem to our 60D installation to our customers. So we went back to 5.2.3.

mrandrew

Issue was resolved.  Received this from Fortinet:

 

“We are not supporting 1024 SSH algorithm in 5.2.7 or any new firmware beyond this via General Release (on 5.2.x family) You need to use tools that can support 2048”

 

Solarwinds released an update for Cattools that fixed the issue.  Version 3.11.

 

 

Andrew