FortiOS 5.4.6 is out!

Carl_Wallmark · ‎10-20-2017

.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

tanr · ‎11-01-2017

Anybody else running into GUI issues with 5.4.6?

The most annoying two I'm hitting are:

[ol]

Security Policy page in Interface Pair View always expands all SrcIntf -> DstIntf groups, regardless of whether I've collapsed them in the past. It used to save their collapsed/expanded state. So now every time I go to that page the section I want to work on is scrolled off the bottom.

Pages aren't fully loaded till you scroll down. So on that Security Policy page, or the Services page, or many other similar ones, it only loads the visible section of the page, nothing below it. Unfortunately, this means that I can't just do a quick Ctrl+F to find the item I want, because the find will fail since the rest of the page hasn't been loaded![/ol]

This is with Chrome on Windows 10, though I see the same behavior in MS Edge browser.

I've tried flushing the browser cache, etc. without any change to the behavior.

Anybody else seeing this? Any thoughts on workarounds, or do I just report it as a bug?

View solution in original post

Mascheroni · ‎11-04-2017

You can find it directly on Fortinet support site.

5.4.6 should be the 5.4 last minor release.

It has been published in order to resolve particular issues, such as npu fragmentation when using capwap encapsulated in ipsec tunnel, for example (problem the I've found in a particular installation and for which Fortinet give me a specific patched 5.4.5 release, not published, patch next integrated into 5.4.6 release).

So I suppose that this is why from 5.4.5 Fortinet indicates as direct upgrade , 5.6.2 release

View solution in original post

tanr · ‎11-08-2017

FYI, I reported the 5.4.6 GUI bug # 458586.

[ol]

Security Policy page in Interface Pair View always expands all SrcIntf -> DstIntf groups, regardless of whether I've collapsed them in the past. It used to save their collapsed/expanded state. So now every time I go to that page the section I want to work on is scrolled off the bottom.[/ol]

View solution in original post

Hosemacht · ‎10-24-2017

Hi there,

ive got some issues when i try to apply a static webfilter to an VIP (wan to internal) with ssl deep inspection enabled

i cant access the website anymore.

this was an issue in 5.4.4 it was solved with 5.4.5 and now ist back again.

Overal the update seem very solid.

Regards.

sudo apt-get-rekt

Hosemacht · ‎11-10-2017

here is a little workaround that helps me to keep the overview:

if you rightklick on any + or - symbol (where you can collaps or expand interface pairs)

you can say "collapse all" or "expand all".

Regards

sudo apt-get-rekt

tanr · ‎11-10-2017

Thanks for the tip.

It still doesn't save the collapsed state when navigating away from the IPv4 Policy page and then returning to it, but at least with the right-click plus "collapse all" I can more quickly get to the area I need.

Pacolo · ‎10-31-2017

Hi enmoc/ede_pfau,

Excuse me, but I was not able to try this until today.

I have just tried to create several keys, rsa or dsa, with Secure CRT and Putty using the following guides, thout I can't make it work.

http://kb.fortinet.com/kb...nk.do?externalID=11985

https://devops.profitbric...with-putty-on-windows/

Maybe I will open a support case, as I think that the the SSH connection is really necessary in case something goes wrong with the device.

Regards,

Paco.

tanr · ‎11-01-2017

Anybody else running into GUI issues with 5.4.6?

The most annoying two I'm hitting are:

[ol]

Security Policy page in Interface Pair View always expands all SrcIntf -> DstIntf groups, regardless of whether I've collapsed them in the past. It used to save their collapsed/expanded state. So now every time I go to that page the section I want to work on is scrolled off the bottom.

Pages aren't fully loaded till you scroll down. So on that Security Policy page, or the Services page, or many other similar ones, it only loads the visible section of the page, nothing below it. Unfortunately, this means that I can't just do a quick Ctrl+F to find the item I want, because the find will fail since the rest of the page hasn't been loaded![/ol]

This is with Chrome on Windows 10, though I see the same behavior in MS Edge browser.

I've tried flushing the browser cache, etc. without any change to the behavior.

Anybody else seeing this? Any thoughts on workarounds, or do I just report it as a bug?

Marcel_B_ · ‎11-02-2017

Anybody has news regarding the SSH problem (364280 User cannot use ssh-dss algorithm to log in to FortiGate via SSH) ?

Thanks in advance for your feedback !

Regards,

Marcel

Mascheroni · ‎11-03-2017

No SSH problem for the moment on our 5.4.6 Fortigates

Mascheroni · ‎11-03-2017

Hi tanr, I've found the same issues you've mentioned me too after 5.4.6 upgrade.

I'm using Chrome ver. 62.0.3202.75 and Win 10 1703 build 15063.674

SecurityPlus · ‎11-04-2017

I've looked at few FortiGate firewalls that are running 5.4.5 lately. When looking for upgrade firmware it lists the 5.6.2 firmware but not the 5.4.6 option. Has anyone else seen this? Any idea why it would offer 5.6.2 but not 5.4.6?

Mascheroni · ‎11-04-2017

You can find it directly on Fortinet support site.

5.4.6 should be the 5.4 last minor release.

It has been published in order to resolve particular issues, such as npu fragmentation when using capwap encapsulated in ipsec tunnel, for example (problem the I've found in a particular installation and for which Fortinet give me a specific patched 5.4.5 release, not published, patch next integrated into 5.4.6 release).

So I suppose that this is why from 5.4.5 Fortinet indicates as direct upgrade , 5.6.2 release