Upgraded my lab 60E and noticed either a deliberate change in behaviour or a bug but i couldn't find it in the notes.
when dhcp dns settings are at default (same as system dns) and the WAN/internet connection retrieves dns servers from dhcp, the previous behaviour was for the dhcp aquired dns servers to be used in internal dhcp scopes. Now it uses the configured system dns (fortiguard by default), which could be fatal for users if you have restricted dns traffic in your policies
I haven't tested this on any other boxes to confirm so i could be mistaken but be aware
Another bug. In IPS, the severity column is blank! You can't filter on severity as a result.
bascheew wrote:I can confirm I'm seeing the same thing. No severity or targets are populated in the GUI for IPS signatures so you can't filter on them.Another bug. In IPS, the severity column is blank! You can't filter on severity as a result.
*edit* Yup it's a known bug, scheduled to be fixed in 6.2.3.
thuynh wrote:Hi bascheew, we could not reproduce the issue in our lab. Can you provide more details on your config (FGT model, FAP model, how's the FAP profile is setup, etc). Does it happen to new FAP profile? Your gif also doesnt work.
The Fortigate is 500e, APs are 421E. I cloned the profile and the same thing happened on the cloned profile. Let's see if this GIF works:
Hi Richard, this is just a display issue. You should still be able to configure IPS profile and the feature still works as before.
I think I found a bug.
On AP Profiles, if SSIDs are manually assigned and you choose to view the profile, the SSID fields will be blank and if you press OK then you save the profile with no SSIDs. If you're not paying attention you'll easily miss that you just removed any SSIDs!
See attached gif for how to reproduce:
Upgraded my lab 60E and noticed either a deliberate change in behaviour or a bug but i couldn't find it in the notes.
when dhcp dns settings are at default (same as system dns) and the WAN/internet connection retrieves dns servers from dhcp, the previous behaviour was for the dhcp aquired dns servers to be used in internal dhcp scopes. Now it uses the configured system dns (fortiguard by default), which could be fatal for users if you have restricted dns traffic in your policies
I haven't tested this on any other boxes to confirm so i could be mistaken but be aware
Finally add support for wildcard FQDN addresses in firewall policy!
I just tried clearing my cache and the issues are still there. I then switched from Chrome to Edge and the problem still happens there too. I tried creating a new IPS sensor and the problem still happens.
Also notice that in the IPS screenshot that the "Target" column is also blank.
bascheew wrote:I can confirm I'm seeing the same thing. No severity or targets are populated in the GUI for IPS signatures so you can't filter on them.Another bug. In IPS, the severity column is blank! You can't filter on severity as a result.
*edit* Yup it's a known bug, scheduled to be fixed in 6.2.3.
@simonorch:
FW01 (mgmt) # sh
config system interface
edit "mgmt"
set ip 192.168.1.99 255.255.255.0
set allowaccess ping https ssh
set type physical
set dedicated-to management
set role lan
set snmp-index 1
set ap-discover disable
next
end
FW01 (mgmt) # set dns-server-override
enable Use DNS acquired by DHCP or PPPoE.
disable No not use DNS acquired by DHCP or PPPoE.
I think (prior to reading the docs, as always) that this is the switch you need. Maybe it's default has changed. Wouldn't be the first time a default value had changed.
@ede_pfau
just checked 6.0 docs and enabled by default and after checking in cli is still default in 6.2.2, that means it sounds like dns override might be broken
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.