Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
James_G
Contributor III

FortiOS 6.4 is out

https://docs.fortinet.com/product/fortigate/6.4

 

It's dropped support for the 30e / 50e, so I wont be able try and load into test lab :(

4 Solutions
brizvi_FTNT

Hi Philippe,

 

Most of the monitor pages have been moved to the dashboard and can be added as widgets. This change is mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/743723/new-features-or-enha...

 

550911: Consolidate Monitor and FortiView pages.

FortiView and Monitor entries have been removed from the navigation bar. Most of the pages under them now show up as widgets in several newly added default dashboards. Exceptions being: 

- WiFi Client Monitor, which has been renamed to WiFi Clients and moved to the WiFi & Switch Controller section.

- Modem and WAN OPT pages which will still show up under Monitor if the feature is enabled.

View solution in original post

andrewbailey

Hi all,

 

I've had 6.4 running on a 60E for 18 days now. No issues with the upgrade and very stable. I quite like some of the GUI rearragnements and the upgrade has resolved a few issues I was seeing in 6.2.3 so I'm impressed so far.

 

As others have commented I think a short list of features and known issues gives me more condidence in the 6.4 release going forward. Hope others have similar experience.

 

However, I had noticed today that memory usage had climbed a bit. Memory use was around 67% initialy but had crept up to 80% today- so not serious, but would have triggered "Conserve Mode" in another day or two.

 

I had seen some comments (Reddit I think?) of someone else reporting similar issues which they believed were caused by the IOT daemon.

 

So quick diag check of the iotd:-

 

diag test app iotd 2 iotd_mem_stats:     alloc 2484424 free 734627 fail 0 now 258984944 max 258984944

.........

 

and then a iod restart:-

 

diag test app iotd 99

 

gave me the following post-restart iotd memory stats:-

 

diag test app iotd 2 iotd_mem_stats:     alloc 1611 free 1 fail 0 now 253268 max 253268

.........

 

This dropped the overall memory use from 80% back to 67% again.

 

So might be one to look for, and may indicate a slow memory leak in the iotd process?

 

I'll keep an eye on it and raise a ticket if I see it continue.

 

Kind Regards,

 

 

Andy.

 

View solution in original post

Accionet

Hello.

 

I have same problem with 6.4 on 60E and VLAN with PPPoE on WAN interface. IP not received from Internet Provider.

 

I´ve downgrade to 6.2.

 

Bye.

View solution in original post

brizvi_FTNT

Tipdrill wrote:

- Vlan do not work, everything is configured correctly. I have vlans with realy dhcp for avaya phones and the traffic no longer passes. The policies are correct.

Likely encountered a known issue mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/236526/known-issues

VLANs on a FortiLink interface configured to use a hardware switch interface may fail to come up after upgrading or rebooting.

 

- The new GUI does not load the interface bandwidth widgets. They remain in continuous loading.

 

Can you disable `monitor-bandwidth` for the interface from the CLI (instructions below), remove the widget for it from the GUI and add it again and let me know if that helps? If it does work, then it is likely an issue that we are looking to fix in a subsequent patch. 

 

To disable `monitor-bandwidth` for an interface:

> config system interface

> edit [insert port you want to edit]

> set monitor-bandwidth disable

> end

View solution in original post

38 REPLIES 38
James_G

platenbaas wrote:

Fortigate/FortiWifi 30E = not supported, but when i read the resolved issues i found the following

 

"574724 SSL VPN conserve mode on FWF-30E when FortiGate unit enters memory less than 25%."

 

very strange.

Hope yet for my 50e test units - it would really help me if they are supported in 6.4

 

^^Actually would be very strange if 6.4 not supported as the units are net even end of sale yet, so at least 5 years support+ in them yet

Philippe_ASTIER

Hi all, is it just me or is the monitoring section gone in 6.4 ??? I can not find how to display routes, devices, etc !!! HELP !

Philippe_ASTIER

In fact, it has disappeared from the left hand bar, below Log & Report. Looking at all documentation, there are some screenshots that still show it, some where it has gone.

 

How the hell do we monitor things ???

 

brizvi_FTNT

Hi Philippe,

 

Most of the monitor pages have been moved to the dashboard and can be added as widgets. This change is mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/743723/new-features-or-enha...

 

550911: Consolidate Monitor and FortiView pages.

FortiView and Monitor entries have been removed from the navigation bar. Most of the pages under them now show up as widgets in several newly added default dashboards. Exceptions being: 

- WiFi Client Monitor, which has been renamed to WiFi Clients and moved to the WiFi & Switch Controller section.

- Modem and WAN OPT pages which will still show up under Monitor if the feature is enabled.

Philippe_ASTIER

OK ! It is a FEATURE. Everything has been moved to Dashboards. Big change, interesting approach, but quite disturbing !

neonbit

One thing to watch out for is that if you upgrade your FortiManager to 6.4 you can't upgrade the ADOM to 6.4 yet. So if you're using FMG and FGT, dont upgrade your FGTs to 6.4 if you still want to manage them in FMG.

neonbit
Valued Contributor

One nice thing I noticed is that they brought back WAN Opt in the GUI for FortiGate-VMs, wohoo!

btp
Contributor

Discovered a quite severe bug; I have a FG60E with a transparent VDOM through which I run IPTV. The STB gets it IP address from the BRAS through this VDOM. On 6.2.3 (and before) this is no problem. On 6.4.0 the STB doesn't get a response on the DHCP Discover. Tech support chat didn't know where I could report this. Anyone knows?

 

6.2.3:

vdom (TRANSP) # di sniffer packet any "port 67" 4 0 l

interfaces=[any]

filters=[port 67]

2020-04-07 21:59:06.929429 internal6 in 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:59:06.929505 IPTV out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:59:06.929518 wan1 out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:59:06.943931 IPTV in 10.184.8.1.67 -> 10.184.11.253.68: udp 370

2020-04-07 21:59:06.943987 internal6 out 10.184.8.1.67 -> 10.184.11.253.68: udp 370

 

6.4.0

vdom (TRANSP) # di sniffer packet any "port 67" 4 0 l

interfaces=[any]

filters=[port 67]

2020-04-07 21:43:17.432823 internal6 in 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:17.432882 IPTV out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:17.432891 wan1 out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:18.964584 internal6 in 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:18.964654 IPTV out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:18.964665 wan1 out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:22.470057 internal6 in 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:22.470129 IPTV out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

2020-04-07 21:43:22.470139 wan1 out 0.0.0.0.68 -> 255.255.255.255.67: udp 300

-- Bjørn Tore

-- Bjørn Tore
Toshi_Esumi
Esteemed Contributor III

FYI: The beta was delayed and started on 1/30 this year according to FNDN.

tsis

Hello everyone I upgraded from 6.2.3 to 6.4 on my fortigate 61E and the wan Vlan links from the fiber provider are not connecting now to receive a public ip, reboot and factory reset to leave it clean of settings. still the same. It is not capable of receiving the public IP. through vlan, if I dowgrade to the old 6.2.3 if it works. Greetings

 

 

 

Top Kudoed Authors