Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bommi
Contributor III

FortiOS 6.0.1 is out!

NSE 4/5/7
19 REPLIES 19
Spidler
New Contributor III

I've noticed something funky since 6.0.0 and it's continued into 6.0.1: When in the Fortiview section looking through Web Sites, Sources, Applications, etc. the results will display when I browse through the different areas, but eventually it starts displaying No Results Found no matter what time-frame I choose (now, 5min, 1hr, 24hrs) or what category I go into (Sources, Destinations, Applications, Websites). I usually have to log out and log back in to look through it, and then it eventually happens again. What's odd is I get a notification in the upper right hand portion of the toolbar where it displays whether you're viewing log data from the local device or from the Forticloud - it turns into an amber triangle with an exclamation mark.

I've verified this happens on multiple 140Ds and a 200 using both Edge and Chrome (fully updated/patched). It's gotta be something simple that I borked up in the config, but it's super frustrating.

Dickie
New Contributor III

Yet another conserve mode event today.  This is only a small office so something is def not right.  I've been working all day and the memory widget shows memory usage creeping up from midday in a steady slope.  Suggests a memory leak to me.

Richard
Richard
bommi
Contributor III

I had three outages of my fortigate last week and today I had two of those events.

Only a restart helped.

 

I couldnt get any output over serial console in case of this event.

NSE 4/5/7

NSE 4/5/7
Dickie
New Contributor III

Another outage today with only IOT stuff connected so no 'big usage'.  This time I had the brains to try and find out what is doing it...turns out it is the WAD process.  I do not use caching, explicit proxy etc etc.

Conserve mode  WAD 40%  After clearing sessions WAD back to 1%

 

Hope this helps somebody or points them in the right direction.

 

Richard
Richard
rkhair

Having issues with Windows updates sites being blocked by AV.. anyone seeing this also? It flags it as a virus but had no name.. started since 6.0.1 , reverted our lab to 5.6 and was back to normal.. comes up in AV monitor and forward log..
rkhair
New Contributor

So it's a known issue and fortinet support sent me a new AV engine to fix it.. will be included in 6.0.2 apparently... "Our internal documentation finally revealed the issue, which was the AV engine. I have attached in this update a new AV engine. The steps to update the engine is from GUI, in System > Settings > FortiGuard > On the AntiVirus section there is an option to update database, there the new .pkg file needs to be uploaded. Upload the file wait for a few minutes and make a test. Let me know if that fixed the issue. Also it is suggested to update at version 6.0.2 and look for 0497371 bug fix." Minute I installed it, it fixed windows updates. Encase this helps someone else.
rkhair wrote:
Having issues with Windows updates sites being blocked by AV.. anyone seeing this also? It flags it as a virus but had no name.. started since 6.0.1 , reverted our lab to 5.6 and was back to normal.. comes up in AV monitor and forward log..
andrewbailey

SMabille,

 

Did you make any progress on this issue?

 

I have a case open for it with support- but so far no obvious sign of resolution and they can't reproduce it (at least on simple test).

 

Just wondered how you were getting on- maybe I could add any of your findings to the ticket if you dont have one open yourself?

 

Kind Regards,

 

 

Andy.

 

SMabille wrote:

Hi, 

 

Confirmed, except not only UDP. I got 50Gb of ping reported in last 24 hours, so ICMP affected too.

HTTP+HTTPS (TCP) reporting about 80Gb of traffic for last 24Hrs while "real" total amount (as per ISP stats) is about 20Gb.

So looks like all protocol affected.

 

Wondering if traffic is counted as  number of packets*mtu, which would explain why some protocols looks more affected than others.

 

Andy Bailey wrote:
Hello all, I’ve upgraded a 60E to 6.0.1. Since the update the FortiView “Bytes (Sent/ Received)” counters seem to have gone wrong. For example I have one Rasberry Pi which is indicating over 817GB sent during a 24 hour period (normally it would send perhaps 5 GB and it’s config and status haven’t changed). Other devices seem to be reporting similarly high data volumes, while others look relatively normal. The Raspberry Pi is sending mainly UDP packets so it’s possible it’s just UDP traffic volumes not being recorded correctly. The high data volumes are also being reported through to FortiCloud and FortiAnalyzer. However, the figures being reported can’t be correct. The VDSL service I use has 1000 GB per month cap. And the ISP is reporting “normal” useage of around 10 GB per day. Nothing like the FortiGate reported values. Anyone else seeing this? Anyone got any ideas of what I should check? Thanks in advance, Andy.

SMabille

Hi Andy,

 

I didn't really pursue the issue (haven't opened a ticket). I think since my post I upgraded to FortiAnalyzer 6.0.1 but no improvement.

 

 

 

Andy Bailey wrote:

SMabille,

 

Did you make any progress on this issue?

 

I have a case open for it with support- but so far no obvious sign of resolution and they can't reproduce it (at least on simple test).

 

Just wondered how you were getting on- maybe I could add any of your findings to the ticket if you dont have one open yourself?

 

Kind Regards,

 

 

Andy.

 

SMabille wrote:

Hi, 

 

Confirmed, except not only UDP. I got 50Gb of ping reported in last 24 hours, so ICMP affected too.

HTTP+HTTPS (TCP) reporting about 80Gb of traffic for last 24Hrs while "real" total amount (as per ISP stats) is about 20Gb.

So looks like all protocol affected.

 

Wondering if traffic is counted as  number of packets*mtu, which would explain why some protocols looks more affected than others.

 

Andy Bailey wrote:
Hello all, I’ve upgraded a 60E to 6.0.1. Since the update the FortiView “Bytes (Sent/ Received)” counters seem to have gone wrong. For example I have one Rasberry Pi which is indicating over 817GB sent during a 24 hour period (normally it would send perhaps 5 GB and it’s config and status haven’t changed). Other devices seem to be reporting similarly high data volumes, while others look relatively normal. The Raspberry Pi is sending mainly UDP packets so it’s possible it’s just UDP traffic volumes not being recorded correctly. The high data volumes are also being reported through to FortiCloud and FortiAnalyzer. However, the figures being reported can’t be correct. The VDSL service I use has 1000 GB per month cap. And the ISP is reporting “normal” useage of around 10 GB per day. Nothing like the FortiGate reported values. Anyone else seeing this? Anyone got any ideas of what I should check? Thanks in advance, Andy.

agabekov

Dominic Lange wrote:

Installed it on 2 separate 50E with SD-WAN. Both crashed after a while without console output. Not pingable and nothing in the crash-log. LEDs still blinking but is not reacting to console input.

First box had Interfaces and VPN Tunnels in SD-Wan and had some Performance SLA and it dies after 5-10 Minutes. Deleting Performance SLA could raise the time to die to about 1-3 hours.

Second box which has only 2 WAN as SD-WAN interfaces and only ping Performance SLAs dies after about 24 hours.

Had the same issue with 3 50E-s, one standalone and two in HA pair, with and without SD-WAN. They were just stalling after 1-3 hours. Had to downgrade to 5.6.5, needless to say it erased config and I had to restore it from backup in remote site.

Alexis_G
Contributor II

Does anybody Knows the differences in the Certification of NS4 between 5.6 and 6.0

From what i see looks the same trainning material with minor differences in number of pages ?

I m preparing for NS4 5.6 version

thanks

--------------------------------------------

If all else fails, use the force !

-------------------------------------------- If all else fails, use the force !
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors