Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Magnitude_8
New Contributor III

Created on ‎01-07-2025 03:21 PM

FortiExtender stops working on FortiOS 7.4.6

I've discovered what looks like a bug in FortiOS 7.4.6 and am posting this in case anyone else runs into the same issue. It's not currently listed as a known issue in the release notes.

 

After upgrading to FortiOS 7.4.6 on our FortiGate-80F firewalls, the connected FortiExtender stops working. The FortiExtender goes offline on the FortiGate. You can't re-authenticate the FortiExtender and if you delete it you can no longer add it again. This looks like a CAPWAP bug.

 

This is reproduceable on FortiGate-80F firewalls and downgrading to FortiOS 7.4.5 resolves the issue. FortiGate-60F doesn't seem to be affected and I haven't tested any other models.

 

I've logged a case with Fortinet so hopefully it appears as a known issue soon.

Labels:
2160
14 REPLIES 14
Magnitude_8
New Contributor III
In response to Kangming

Created on ‎01-13-2025 07:58 PM

Yes, the FortiExtender gets an IP address from the DHCP server and I can ping it from the FortiGate. The same applies with a static IP. I can also browse to the web interface.

432
0 Kudos
Kangming
Staff
Staff
In response to Magnitude_8

Created on ‎01-14-2025 09:53 AM

This command should fix your problem. FortiExtender will likely take 60 to 300 seconds to complete the attempt to connect to the cloud.

 

FX211ETQ21003196 (management) # show
config system management
<b>set discovery-type fortigate</b>
FX211ETQ21003196 (management) #

Thanks

Kangming

404
0 Kudos
Magnitude_8
New Contributor III
In response to Kangming

Created on ‎01-14-2025 04:03 PM

Manually setting the discovery type did not resolve the issue for me.

380
0 Kudos
Godfreyagr
New Contributor II
In response to Kangming

Created on ‎01-15-2025 01:27 AM

I am using LTE, to achieve vxlan over IPSEC

364
0 Kudos
IrshadK
New Contributor

Created on ‎03-24-2025 11:38 PM Edited on ‎03-24-2025 11:53 PM

HA and LACP Stops Working - v7.4.6 And v7.4.7

 

I have observed the same problems with HA and LACP with versions v7.4.6 and v7.4.7 on platform FGT601F. It will work for some hours, then the network will be completely gone, total outage.

 

Upon checking the logs from Core-Switches, we have observed that the LACP ports are suspended from the EtherChannel due to no LACP packets from FortiGate. This can be resolved by configuring LACP static/on at both switch and firewall ends.

 

Again another problem faced, HA. The logs state that HA-packets missed on both configured HA-ports, and switching to active.

 

Once reverted back to previous running version v7.2.10, everything started working fine.

 

It seems like FortiGate stops sending packets like, HA-hellos, LACP hellos, etc.

52
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.