Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Carl_Wallmark
Valued Contributor

FortiOS 5.4.6 is out!

.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
3 Solutions
tanr
Valued Contributor II

Anybody else running into GUI issues with 5.4.6?

 

The most annoying two I'm hitting are:

 

[ol]
  • Security Policy page in Interface Pair View always expands all SrcIntf -> DstIntf groups, regardless of whether I've collapsed them in the past.  It used to save their collapsed/expanded state.  So now every time I go to that page the section I want to work on is scrolled off the bottom.
  • Pages aren't fully loaded till you scroll down.  So on that Security Policy page, or the Services page, or many other similar ones, it only loads the visible section of the page, nothing below it.  Unfortunately, this means that I can't just do a quick Ctrl+F to find the item I want, because the find will fail since the rest of the page hasn't been loaded![/ol]

    This is with Chrome on Windows 10, though I see the same behavior in MS Edge browser.

    I've tried flushing the browser cache, etc. without any change to the behavior.

     

    Anybody else seeing this?  Any thoughts on workarounds, or do I just report it as a bug?

  • View solution in original post

    Mascheroni

    You can find it directly on Fortinet support site.

    5.4.6 should be the 5.4 last minor release.

    It has been published in order to resolve particular issues, such as npu fragmentation when using capwap encapsulated in ipsec tunnel, for example (problem the I've found in a particular installation and for which Fortinet give me a specific patched 5.4.5 release, not published, patch next integrated into 5.4.6 release).

    So I suppose that this is why from 5.4.5 Fortinet indicates as direct upgrade , 5.6.2 release

     

     

     

    View solution in original post

    tanr
    Valued Contributor II

    FYI, I reported the 5.4.6 GUI bug # 458586.

    [ol]
  • Security Policy page in Interface Pair View always expands all SrcIntf -> DstIntf groups, regardless of whether I've collapsed them in the past.  It used to save their collapsed/expanded state.  So now every time I go to that page the section I want to work on is scrolled off the bottom.[/ol]

     

  • View solution in original post

    25 REPLIES 25
    Sebastiaan_Koopmans
    Contributor II

    Still SSL VPN throughput not fixed ...(thet are working on an backport from 5.6.x)

    FortiAnalyzer / 6.4.0

    FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6

    FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0

    FortiWeb VM / 6.3.2

    FortiManager VM / 6.4.0

    FortiAnalyzer / 6.4.0 FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6 FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0 FortiWeb VM / 6.3.2 FortiManager VM / 6.4.0
    Kenundrum

    i just updated a device. There's some subtle UI changes in the way some tables are rendered.

    They did successfully fix a pet peeve of mine that i opened a case on- address objects with a space in their name now correctly display their references.

    CISSP, NSE4

     

    CISSP, NSE4
    emnoc
    Esteemed Contributor III

    cool  , hopefully 5.6.3  will be out soon

     

    Ken

     

    PCNSE 

    NSE 

    StrongSwan  

    PCNSE NSE StrongSwan
    tanr
    Valued Contributor II

    Looks like they got (more of) the npu over ipsec issues worked out:

     

    416102 Traffic over IPsec VPN getting dropped after 2 pings when it is getting offloaded to NPU.

    416950 NP6 stop process traffic through IPsec tunnel.

     

    Still a lot of known GUI bugs - over 1.5 pages.

    Pacolo
    New Contributor III

    Hi guys,

     

    I needed to upgrade to 5.4.6 because my customer needs the DNS Filter to work correctly, but now there is another really annoying bug...

    364280 User cannot use ssh-dss algorithm to log in to FortiGate via SSH.

    ...so now I cannot login through SSH.

     

    Has anybody found a solution?

    I use Secure CRT, but it does not work with Putty neither.

     

    Regards,

    Paco.

    emnoc
    Esteemed Contributor III

    Are you calling your DSA key when you access?

     

     

    e.g ( unix openssh client )

     

    ssh -vi /Users/kfelix/.ssh/id_dsa  1.0.0.1

     

     

    Do you have an option to use the typical default rsa key?

     

     

     

    PCNSE 

    NSE 

    StrongSwan  

    PCNSE NSE StrongSwan
    ede_pfau
    Esteemed Contributor III

    I found the only way to tackle this is to use an RSA key and deploy that to the client(s).


    Ede

    "Kernel panic: Aiee, killing interrupt handler!"
    Ede"Kernel panic: Aiee, killing interrupt handler!"
    tanr
    Valued Contributor II

    Any other experiences with 5.4.6?

     

    Especially, anyone using 5.4.6 FortiGates proxy-based with IPsec VPN, web filtering, and/or deep ssl inspection?

     

    Thanks.

    emnoc
    Esteemed Contributor III

    I hope to push it  in a few days. The  release seems to look good btw

    PCNSE 

    NSE 

    StrongSwan  

    PCNSE NSE StrongSwan
    Labels
    Top Kudoed Authors