Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Carl_Wallmark
Valued Contributor

FortiOS 5.6.4 is out.

.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
1 Solution
Toshi_Esumi
Esteemed Contributor III

I tried it with 60D by forgetting about our office 60D policies use a zone that includes a physical interface (non-tagged) and multiple VLAN subinterfaces (tagged) after read through the release notes and noticed the caution "all members of the zone would be dropped". Sure enough it did.

After a TT with TAC and some own tests with another test 60D, I decided going back to 5.4.8 for the office 60D. Because only way to restore the zone (original set of policies) with all members is to remove all VLANs on the physical interface and put the phy interface as a sole member of the zone first. Then you can recreate all VLANs I removed then put them in the zone. Not only DHCP servers but some other widgets monitoring usage need to be removed before I can remove VLANs. In the middle trying this process I gave up and decided to wait the next release, 5.6.5. TAC gave me the bug ID but it's not in the "known issues" list in the release notes.

View solution in original post

40 REPLIES 40
tanr
Valued Contributor II

Did support that said to wait for 5.6.5 give an estimate of when it would be available?

Sebastiaan_Koopmans

Hi,

We have upgraded our Fortigate 300D Cluster from 5.4.8 to 5.6.4 and so far no issues.

FortiAnalyzer / 6.4.0

FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6

FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0

FortiWeb VM / 6.3.2

FortiManager VM / 6.4.0

FortiAnalyzer / 6.4.0 FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6 FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0 FortiWeb VM / 6.3.2 FortiManager VM / 6.4.0
rswinney99

Is the sslvpn issue related to all ssl vpn connections (forticlient and web)? Or is it just browser based ssl vpn?

Kenundrum
Contributor III

tanr wrote:

Did support that said to wait for 5.6.5 give an estimate of when it would be available?

I opened a ticket regarding a different issue listed on the release notes and got the same response about wait for 5.6.5. When i pressed further, the response I got was that 5.6.5 has no release date estimate.

 

CISSP, NSE4

 

CISSP, NSE4
tanr
Valued Contributor II

Ah well, thanks for the info Kenundrum.

FGTuser
New Contributor III

Kenundrum wrote:

tanr wrote:

Did support that said to wait for 5.6.5 give an estimate of when it would be available?

 I opened a ticket regarding a different issue listed on the release notes and got the same response about wait for 5.6.5. When i pressed further, the response I got was that 5.6.5 has no release date estimate.

 

 

At standard release schedule 5.6.5 can take 4-6 months. It would be nice to know if FTNT will release 5.6.5 earlier due to this bug.

Also some bug details would be helpful...

 

 

Frosty

Disappointed to hear about the SSL VPN issues with FortiClient.  We rely on that, so cannot upgrade.  We'll be staying on v5.6.2 until further notice, as it has been very stable for our environment.

Adrian_Lewis

Anyone know any more about this SSL-VPN issue that's been discussed? I see nothing in the release notes (that have been updated a few times since release) and can't find anything in the bug tracker on the support portal. Has anyone managed to get a bug ID from Fortinet on this?

romanr
Valued Contributor

Hi,

 

I was able to have a look into Brunos ticket. And even thugh Bruno has troubles there - there is no confirmed bug about it and support did NOT mention, that it will be fixed in 5.6.5... The support process was not even brought to a qualified end by mid last week...

 

We were not able to reproduce any trouble, but this was only on E series models...

 

Br,

Roman

 

 

Bruno_Pereira
New Contributor III

Hello, I opened a ticket for this vpn ssl bug. remembering that my model is 600D, I do not know if others are affected. Support has been able to capture the crash and secondly it will be routed to development. Any news will inform you.

Top Kudoed Authors