https://docs.fortinet.com/document/fortigate/6.0.9/fortios-release-notes/760203/introduction
The known issues are the shortest list I remember
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
ValentinoD wrote:
Did you experience any more issues after the last update? Did the issue that you were seeing in 6.0.8 only see for RDP coming from SSLVPN?
Still seeing the occasional issue with RDP over SSL VPN in 6.0.9, but not nearly as often.
ValentinoD wrote:We are thinking of going to 6.0.9, and while we do not have any SSL VPN on Fortigate, we do have RDP sessions going over IPSec VPN tunnels or other directly connected links.
If you don't use SSL VPN, you'll be fine. RDP works okay over IPsec and other links.
Another issue with 6.0.9 (and perhaps earlier versions) is where a client browsing securely to a FGT virtual server will get disconnected as soon as they send a ClientHello. This isn't reproducible on all our standard virtual servers -- only on one that I'm experimenting on with some advanced features enabled.
Further analysis shows that the wad process is crashing. The TAC engineer matched this to a known bug (590039) and advised me that it has been fixed in 6.2.3. When I asked if it would be backported to 6.0, I was told no, it won't, and to upgrade to 6.2.3. I've asked for an explanation on why it won't be backported and haven't heard yet. That was over three weeks ago.
According to Fortinet's product life cycle, FOS 6.0's engineering support doesn't end until 29 March 2021. If a daemon is crashing, I don't understand why they don't fix it. I'm certainly not keen to upgrade to a new version like 6.2 just yet.
After upgrading it looks like (currently investigation) that we have random connectivity issues to on premise Exchange servers. They loose connection/outlook freezes sometimes with no reason.
Tonight we have downgraded to 6.0.8 to see if this the cause.
Keep you updated
FortiAnalyzer / 6.4.0
FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6
FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0
FortiWeb VM / 6.3.2
FortiManager VM / 6.4.0
Maybe instead of SSLVPN to RDP you could use SSLVPN to Windows Admin (https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/overview).
Doesn't cover all of the remote workloads, but might cover enough for you.
:)
Another issue is commented in the "parallel" thread at Reddit:
We upgraded today. We are having timeout issues with fortiguard when set to https and had to switch it to udp. Have a ticket open with TAC. So far, https on port 53 or 8888 we get random timeouts when doing a fortiguard url lookup. Switching it to UDP on 8888 appears to fix it, but im guessing this leaves us vulnerable....
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.