Hello, We use two FortiGate 3700D (HA cluster) running FortiOS v5.2.3 build670 (GA), managed from FortiManager v5.2.2-build0706 150415.
We run a FortiAuthenticator v4.00-build0019-20151007-patch00
We 'd like to upgrade all to last versions: FortiManager and FortiOS to v5.4, FortiAuthenticator to 4.1.
These upgrades are validated for FortiManager and FortiOS.
http://docs.fortinet.com/uploaded/files/2902/fortimanager-compatibility.pdf
About FortiAuthenticator, the Release Notes v4.1 (last version) says:
FortiAuthenticator™ 4.1 supports the following FortiOS versions: FortiOS v5.0 Patch Release 12 FortiOS v5.2 Patch Release 4 Other FortiOS versions may function correctly, but may not be supported by Fortinet.
http://docs.fortinet.com/...c-release-notes-41.pdf
Does someone try and run a FortiManager/FortiOS v5.4 with FortiAuthenticator to 4.1?
Regards, Chris
Solved! Go to Solution.
I do use local RADIUS and have no problems with it currently. I have FGT-VMs, FGT-100Ds, FMG, FAZ, and FortiMail all authenticating against local RADIUS service on FAC. Almost all of those are at v5.4.0. Some of the VMs are 5.2.7 or various versions I need to test in my lab for troubleshooting or proof-of-concept.
I am not using the local certificate authority. I did use in a previous version and can confirm that v4.1.0 does fix a bug that affected me. Previously, there was a bug where local CAs on the FAC could not be deleted. Sometimes, but no always, the CA would not delete even when there were no dependencies. In v4.1.0 I was able to delete all local CAs.
Chris,
Did you ever get a response to this?
I'm currently testing a FortiAuthenticator-VM v4.1 with a couple FortiGate-VM's v5.4.0. Would be nice to know if they're supposed to work together before I do much more testing!
Then again, I won't be putting this in production until FortiOS 5.4.1 is out and I've had some time to test it...
I use FortiAuthenticator v4.1.0 with FortiGate 100Ds on FortiOS 5.4.0 and with FortiGate-VMs on FortiOS 5.2.7 and FortiOS 5.4.0. So far, all is well except for the non-functional local LDAP service on FAC (supposed to be fixed in the upcoming v4.1.1).
My FortiGate-VMs are all non-production but they get a lot more workout in my lab environment than some production systems do.
Thanks for the info Michael. Useful to know the 4.1.0's FAC's local LDAP service isn't working - I checked out your other thread on that.
Have you been using the 4.1.0 FAC's local RADIUS or local Certificate Authority? I'm planning to use both, with the local RADIUS also serving for 802.1x authentication. Hoping to get some time to start VM tests tomorrow.
I do use local RADIUS and have no problems with it currently. I have FGT-VMs, FGT-100Ds, FMG, FAZ, and FortiMail all authenticating against local RADIUS service on FAC. Almost all of those are at v5.4.0. Some of the VMs are 5.2.7 or various versions I need to test in my lab for troubleshooting or proof-of-concept.
I am not using the local certificate authority. I did use in a previous version and can confirm that v4.1.0 does fix a bug that affected me. Previously, there was a bug where local CAs on the FAC could not be deleted. Sometimes, but no always, the CA would not delete even when there were no dependencies. In v4.1.0 I was able to delete all local CAs.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.