.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I tried it with 60D by forgetting about our office 60D policies use a zone that includes a physical interface (non-tagged) and multiple VLAN subinterfaces (tagged) after read through the release notes and noticed the caution "all members of the zone would be dropped". Sure enough it did.
After a TT with TAC and some own tests with another test 60D, I decided going back to 5.4.8 for the office 60D. Because only way to restore the zone (original set of policies) with all members is to remove all VLANs on the physical interface and put the phy interface as a sole member of the zone first. Then you can recreate all VLANs I removed then put them in the zone. Not only DHCP servers but some other widgets monitoring usage need to be removed before I can remove VLANs. In the middle trying this process I gave up and decided to wait the next release, 5.6.5. TAC gave me the bug ID but it's not in the "known issues" list in the release notes.
Fortinet always surprising.
84: 2018-04-27 07:11:05 the killed daemon is /bin/pyfcgid: status=0x0 85: 2018-04-27 07:41:22 <05147> firmware FortiGate-600D v5.6.4,build1575b1575,18 0425 (GA) (Release) 86: 2018-04-27 07:41:22 <05147> application sslvpnd 87: 2018-04-27 07:41:22 <05147> *** signal 11 (Segmentation fault) received *** 88: 2018-04-27 07:41:22 <05147> Register dump: 89: 2018-04-27 07:41:22 <05147> RAX: 00007f9321a5a538 RBX: 00007f9321a59858 90: 2018-04-27 07:41:22 <05147> RCX: 0000000000000007 RDX: 000000000224dec4 91: 2018-04-27 07:41:22 <05147> R8: 000000000000ffff R9: 0000000000000000 92: 2018-04-27 07:41:22 <05147> R10: 00007f932513d4e0 R11: 00007f93251848c0 93: 2018-04-27 07:41:22 <05147> R12: 00007f9321a5a6c0 R13: 0000000000000000 94: 2018-04-27 07:41:22 <05147> R14: 00007f9321a58800 R15: 0000000000000000 95: 2018-04-27 07:41:22 <05147> RSI: 0000000000000000 RDI: 000000000244543a 96: 2018-04-27 07:41:22 <05147> RBP: 00007fffbc582a00 RSP: 00007fffbc5829d0 97: 2018-04-27 07:41:22 <05147> RIP: 0000000001272ab1 EFLAGS: 0000000000010202 98: 2018-04-27 07:41:22 <05147> CS: 0033 FS: 0000 GS: 0000 99: 2018-04-27 07:41:22 <05147> Trap: 000000000000000e Error: 0000000000000004 100: 2018-04-27 07:41:22 <05147> OldMask: 0000000000000000 101: 2018-04-27 07:41:22 <05147> CR2: 0000000000000000 102: 2018-04-27 07:41:22 <05147> stack: 0x7fffbc5829d0 - 0x7fffbc585ae0 103: 2018-04-27 07:41:22 <05147> Backtrace: 104: 2018-04-27 07:41:22 <05147> [0x01272ab1] => /bin/sslvpnd 105: 2018-04-27 07:41:22 <05147> [0x01274281] => /bin/sslvpnd 106: 2018-04-27 07:41:22 <05147> [0x012f7cee] => /bin/sslvpnd 107: 2018-04-27 07:41:22 <05147> [0x012fa399] => /bin/sslvpnd 108: 2018-04-27 07:41:22 <05147> [0x012fa6fd] => /bin/sslvpnd 109: 2018-04-27 07:41:22 <05147> [0x012fa98b] => /bin/sslvpnd 110: 2018-04-27 07:41:22 <05147> [0x012faef8] => /bin/sslvpnd 111: 2018-04-27 07:41:22 <05147> [0x0042e280] => /bin/sslvpnd 112: 2018-04-27 07:41:22 <05147> [0x004349c4] => /bin/sslvpnd 113: 2018-04-27 07:41:22 <05147> [0x00431eac] => /bin/sslvpnd 114: 2018-04-27 07:41:22 <05147> [0x00433bc1] => /bin/sslvpnd 115: 2018-04-27 07:41:22 <05147> [0x00434569] => /bin/sslvpnd 116: 2018-04-27 07:41:22 <05147> [0x7f932503b475] => /fortidev4-x86_64/lib/libc. so.6 117: 2018-04-27 07:41:22 (__libc_start_main+0x000000f5) liboffset 00021475 118: 2018-04-27 07:41:22 <05147> [0x0042b53d] => /bin/sslvpnd
Anybody know details of the known issue: 462080 (with FortiSwitch-Controller/FortiLink) FG-300E reboots with kernel panic errors? I may be moving from a 5.4.8 300D to a 5.6.4 300E and would like to not get burned.
5.6.4 still has some annoying GUI and FAZ related known issues, but most aren't blockers.
This looks like the first 5.6 build that we might consider moving to from 5.4.
If anybody has moved a production system over to 5.6.4 would appreciate hearing how it's going for you. Thanks!
http://kb.fortinet.com/kb/documentLink.do?externalID=FD40956
NOTE : Users of v5.6.3 should be aware that these changes also apply to this release. The option is available in v5.6.4
No it's not!!!
BugID 456566 is still included in the known bug list!
hecht wrote:http://kb.fortinet.com/kb/documentLink.do?externalID=FD40956
NOTE : Users of v5.6.3 should be aware that these changes also apply to this release. The option is available in v5.6.4
No it's not!!!
BugID 456566 is still included in the known bug list!
Hi hecht,
The release notes are incorrect regarding this bug - 456566 is indeed fixed and available in 5.6.4. The release notes will be updated.
Have others tried upgrading to 5.6.4? Is it functioning as well as or better than 5.6.3?
I don't understand how Fortinet may pass QA review with such critical know bugs :
448247 Traffic-shaper in shaping policy does not work for specific application category like as P2P
Hey fortinet, do you know Microsoft issued a new version of windows 10 this week and the traffic shaper is the only way of mitigating tons of PCs trying to download Windows 10 at the same time (using a traffic-shaper on the Update application category !).
So for us, we stay once more on the 5.4 train, waiting for a 5.6 stable version and waiting one more year before daring to test 6.0 train in production !.
I tested this version and no surprise beyond the instability with the VPNSSL. I particularly do not recommend using this version, so far the 5.6.3 is the most stable.
Hi,
has anyone opened a support case on the SSLVPN troubles and has some details?
We only have a handful of installations running with 5.6.4 or some Interims post 5.6.3. We have not seen any new bugs since 5.6.3 so far... But a lot of fixes.
Br,
Roman
romanr wrote:Hi,
has anyone opened a support case on the SSLVPN troubles and has some details?
We only have a handful of installations running with 5.6.4 or some Interims post 5.6.3. We have not seen any new bugs since 5.6.3 so far... But a lot of fixes.
Br,
Roman
Hello,
I open ticket and the response received was: wait the new version 5.6.5 ¬¬
I received the following error periodic:
84: 2018-04-27 07:11:05 the killed daemon is /bin/pyfcgid: status=0x0 85: 2018-04-27 07:41:22 <05147> firmware FortiGate-600D v5.6.4,build1575b1575,18 0425 (GA) (Release) 86: 2018-04-27 07:41:22 <05147> application sslvpnd 87: 2018-04-27 07:41:22 <05147> *** signal 11 (Segmentation fault) received ***
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.