Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Hosemacht
Contributor II

FortiOS 6.0.4 is out!

lots of bugfixes

 

https://docs.fortinet.com...release-notes/download

sudo apt-get-rekt

1 Solution
SMabille

You can get a FAZ license for $1 on AWS for 500Gb and up to 2 "home" Fortigate/VDOM (up to Fortigate 90 and VM-01), still have to pay for AWS usage, I'm at around $25 a month.

(https://aws.amazon.com/marketplace/pp/B06Y1K63ZH?qid=1548667167351&sr=0-1&ref_=srh_res_product_title...)

 

dfollis wrote:

I have a home setup of the following:

 

FWF-60E v6.0.4 build0231 (6.0.4)

FSW-108D-POE v3.6.9-build0426 (this model does not support v6)

FortiAP FP221C v6.0-build0027 (just upgraded to build0030, 6.0.4)

 

Fairly simple setup for home using these devices.  I've experienced random outages after ~24 hours after upgrading from 6.0.3 to 6.0.4.  Symptom is Wifi will be down and hard wire connection to FWF-60E will not respond without a hard power reset.

 

I first tried to update my FSW from 3.6.8 to .9 but crash occurred again.  This AM after another hard reset was needed, I noticed that 6.0.4 for FP221C was released on 1/25 so I have just updated that.  As this is a home setup, I'm not paying for FAZ  (considering we spend thousands of dollars on FTNT gear at work sure would be nice for free FAZ with low daily limit for home use/testing, just saying :-)).

 

I do have a synology though so I'm going to enable SYSLOG and dump to that to see if I can get better system events.  When I check events logged to FortiCloud I don't see anything odd.  Running "diag debug crashlog read" shows the following:

 

1: 2019-01-26 22:27:10 scanunit=manager pid=152 str="AV database changed; restarting workers" 2: 2019-01-26 22:27:12 <00152> scanunit=manager str="Success loading anti-virus database." 3: 2019-01-26 22:37:10 scanunit=manager pid=152 str="AV database changed; restarting workers" 4: 2019-01-26 22:37:12 <00152> scanunit=manager str="Success loading anti-virus database." 5: 2019-01-26 22:40:14 the killed daemon is /bin/pyfcgid: status=0x0 6: 2019-01-26 22:59:10 scanunit=manager pid=152 str="AV database changed; restarting workers" 7: 2019-01-26 22:59:12 <00152> scanunit=manager str="Success loading anti-virus database."

8: 2019-01-27 12:33:03 <00152> scanunit=manager str="Success loading anti-virus database."

 

It is interesting that that last event logged is an AV update until I reset it 12 hours later, see events 7 and 8 above.

 

Not sure if anyone else is seeing stability issues like this.  It is possible I have an odd config that is causing an issue as I have a few VLANs that are trunked over my FSW, but nothing unconventional that I'm aware of.  Will update post if I see another crash.

View solution in original post

52 REPLIES 52
Jordan_Thompson_FTNT

SMabille wrote:

Except I didn't select Capture image, and it doesn't explain the large number of self-admin logging using my credential from 127.0.0.1 even when not logged.

 

Depending on the browser, this prompt may appear just from loading the page. It is not malware.

 

SMabille wrote:

EDIT: Looks like the admin log ins have been solved upgrading FortiAnalyzer from 6.0.3 to 6.0.4

 

Correct, newer FortiAnalyzer firmware solves this problem.

PeterK

I have noticed it has fixed the issue of not being able to creates routes in the GUI.  I need to test on another Firewall to see if it has restored the icons in the SSL-Web portal.  I have tested the traffic filter issue someone has mentioned, but I tend to do this through the Analyzer which is on 6.0.4 and the filters are working on this.

neonbit
Valued Contributor

I'm loving this release. The SSLVPN web portal bookmark problem is solved for me and HTTP bookmarks that were pointing to HTML5 servers that never used to work are all now working!

 

One thing I did notice is that some of the pages (FortiView > Applications and Log & Report > Forward Traffic) are taking a little time to load.

sashag
New Contributor

Upgraded yesterday from 5.6.6 to 6.0.4 600D cluster. System - Settings page not loading, cannot configure central management. Anybody else experiencing this GUI issue?

SMabille

Hi,

 

Are you using local log storage, cloud or FortAnalyzer?

I can't see the same behaviour (works as expected for me) on 60E + FortiAnalyzer 6.0.3

 

Stephane 

 

sigmasoftcz wrote:

ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.

 

[attachImg]https://forum.fortinet.com/download.axd?file=0;170563&where=message&f=FortiView-TrafficFromWan.jpg[/attachImg]

Jirka

 

Jirka1

Hi Stephane, yes, we use FortiAnalyzer. It is true that the problem can be even there. We also updated the FAZ to version 6.0.4. I will look at it. Jirka
Jirka1

Hi Stephane, yes, we use FortiAnalyzer. It is true that the problem can be even there. We also updated the FAZ to version 6.0.4. I will look at it. Jirka
Jordan_Thompson_FTNT

sigmasoftcz wrote:

ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.

 

Previous versions of FortiOS also did not do reverse DNS lookup on source IPs. This feature is for destination views.

Jirka1

Jordan_Thompson_FTNT wrote:

sigmasoftcz wrote:

ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.

 

Previous versions of FortiOS also did not do reverse DNS lookup on source IPs. This feature is for destination views.

Hi Jordan,

I disagree. In version 5.6.7, PTR records are beautifully visible. FortiView-> Traffic from WAN-> Source

 

Jirka

empolo
New Contributor

Hi

I cant seem to find the upgrade path to 6.0.4. I have version 6.0.2 installed on my 501E. Could i upgrade to 6.0.4 directly or should i first upgrade to 6.0.3 and then to 6.0.4?