Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
James_G
Contributor III

FortiOS 6.4 is out

https://docs.fortinet.com/product/fortigate/6.4

 

It's dropped support for the 30e / 50e, so I wont be able try and load into test lab :(

4 Solutions
brizvi_FTNT

Hi Philippe,

 

Most of the monitor pages have been moved to the dashboard and can be added as widgets. This change is mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/743723/new-features-or-enha...

 

550911: Consolidate Monitor and FortiView pages.

FortiView and Monitor entries have been removed from the navigation bar. Most of the pages under them now show up as widgets in several newly added default dashboards. Exceptions being: 

- WiFi Client Monitor, which has been renamed to WiFi Clients and moved to the WiFi & Switch Controller section.

- Modem and WAN OPT pages which will still show up under Monitor if the feature is enabled.

View solution in original post

andrewbailey

Hi all,

 

I've had 6.4 running on a 60E for 18 days now. No issues with the upgrade and very stable. I quite like some of the GUI rearragnements and the upgrade has resolved a few issues I was seeing in 6.2.3 so I'm impressed so far.

 

As others have commented I think a short list of features and known issues gives me more condidence in the 6.4 release going forward. Hope others have similar experience.

 

However, I had noticed today that memory usage had climbed a bit. Memory use was around 67% initialy but had crept up to 80% today- so not serious, but would have triggered "Conserve Mode" in another day or two.

 

I had seen some comments (Reddit I think?) of someone else reporting similar issues which they believed were caused by the IOT daemon.

 

So quick diag check of the iotd:-

 

diag test app iotd 2 iotd_mem_stats:     alloc 2484424 free 734627 fail 0 now 258984944 max 258984944

.........

 

and then a iod restart:-

 

diag test app iotd 99

 

gave me the following post-restart iotd memory stats:-

 

diag test app iotd 2 iotd_mem_stats:     alloc 1611 free 1 fail 0 now 253268 max 253268

.........

 

This dropped the overall memory use from 80% back to 67% again.

 

So might be one to look for, and may indicate a slow memory leak in the iotd process?

 

I'll keep an eye on it and raise a ticket if I see it continue.

 

Kind Regards,

 

 

Andy.

 

View solution in original post

Accionet

Hello.

 

I have same problem with 6.4 on 60E and VLAN with PPPoE on WAN interface. IP not received from Internet Provider.

 

I´ve downgrade to 6.2.

 

Bye.

View solution in original post

brizvi_FTNT

Tipdrill wrote:

- Vlan do not work, everything is configured correctly. I have vlans with realy dhcp for avaya phones and the traffic no longer passes. The policies are correct.

Likely encountered a known issue mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/236526/known-issues

VLANs on a FortiLink interface configured to use a hardware switch interface may fail to come up after upgrading or rebooting.

 

- The new GUI does not load the interface bandwidth widgets. They remain in continuous loading.

 

Can you disable `monitor-bandwidth` for the interface from the CLI (instructions below), remove the widget for it from the GUI and add it again and let me know if that helps? If it does work, then it is likely an issue that we are looking to fix in a subsequent patch. 

 

To disable `monitor-bandwidth` for an interface:

> config system interface

> edit [insert port you want to edit]

> set monitor-bandwidth disable

> end

View solution in original post

38 REPLIES 38
bonafide
New Contributor

On my 60E, I had a VLAN attached to a hardware switch interface that was configured as a DHCP server for voip traffic, attached to a hardware switch.  This worked fine with 6.0 and 6.2, but with 6.4, the interface stopped responding to vlan tagged dhcp discovery requests from my yealink phones. Other devices on the same vlan with reserved addresses  received IP addresses, but not the phones. I ended up removing the vlan from the Fortigate and dedicating a port for untagged traffic and its working fine again.  I mention it here in case others run into dhcp / vlan issues with 6.4.

andrewbailey

Hi all,

 

I've had 6.4 running on a 60E for 18 days now. No issues with the upgrade and very stable. I quite like some of the GUI rearragnements and the upgrade has resolved a few issues I was seeing in 6.2.3 so I'm impressed so far.

 

As others have commented I think a short list of features and known issues gives me more condidence in the 6.4 release going forward. Hope others have similar experience.

 

However, I had noticed today that memory usage had climbed a bit. Memory use was around 67% initialy but had crept up to 80% today- so not serious, but would have triggered "Conserve Mode" in another day or two.

 

I had seen some comments (Reddit I think?) of someone else reporting similar issues which they believed were caused by the IOT daemon.

 

So quick diag check of the iotd:-

 

diag test app iotd 2 iotd_mem_stats:     alloc 2484424 free 734627 fail 0 now 258984944 max 258984944

.........

 

and then a iod restart:-

 

diag test app iotd 99

 

gave me the following post-restart iotd memory stats:-

 

diag test app iotd 2 iotd_mem_stats:     alloc 1611 free 1 fail 0 now 253268 max 253268

.........

 

This dropped the overall memory use from 80% back to 67% again.

 

So might be one to look for, and may indicate a slow memory leak in the iotd process?

 

I'll keep an eye on it and raise a ticket if I see it continue.

 

Kind Regards,

 

 

Andy.

 

James_G

Andy Bailey wrote:
Hi all,   I've had 6.4 running on a 60E for 18 days now. No issues with the upgrade and very stable. I quite like some of the GUI rearragnements and the upgrade has resolved a few issues I was seeing in 6.2.3 so I'm impressed so far.   As others have commented I think a short list of features and known issues gives me more condidence in the 6.4 release going forward. Hope others have similar experience.   However, I had noticed today that memory usage had climbed a bit. Memory use was around 67% initialy but had crept up to 80% today- so not serious, but would have triggered "Conserve Mode" in another day or two.  
Memory leaks are a def stay away for me, thanks for the info
James_G

For info, 6.4 is out for f models now
Accionet

Hello.

 

I have same problem with 6.4 on 60E and VLAN with PPPoE on WAN interface. IP not received from Internet Provider.

 

I´ve downgrade to 6.2.

 

Bye.

Tipdrill

Hello, I updated from 6.2.3 to 6.4 and I have the following problems:

 

- Vlan do not work, everything is configured correctly. I have vlans with realy dhcp for avaya phones and the traffic no longer passes. The policies are correct.

 

- The new GUI does not load the interface bandwidth widgets. They remain in continuous loading.

 

Do you have any suggestions? Thank you

brizvi_FTNT

Tipdrill wrote:

- Vlan do not work, everything is configured correctly. I have vlans with realy dhcp for avaya phones and the traffic no longer passes. The policies are correct.

Likely encountered a known issue mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/236526/known-issues

VLANs on a FortiLink interface configured to use a hardware switch interface may fail to come up after upgrading or rebooting.

 

- The new GUI does not load the interface bandwidth widgets. They remain in continuous loading.

 

Can you disable `monitor-bandwidth` for the interface from the CLI (instructions below), remove the widget for it from the GUI and add it again and let me know if that helps? If it does work, then it is likely an issue that we are looking to fix in a subsequent patch. 

 

To disable `monitor-bandwidth` for an interface:

> config system interface

> edit [insert port you want to edit]

> set monitor-bandwidth disable

> end

Tipdrill

brizvi wrote:

Likely encountered a known issue mentioned in the release notes here: https://docs.fortinet.com/document/fortigate/6.4.0/fortios-release-notes/236526/known-issues

VLANs on a FortiLink interface configured to use a hardware switch interface may fail to come up after upgrading or rebooting.

 

Ok, for bug 622812 you have a workaround?

 

 

brizvi wrote:

 

Can you disable `monitor-bandwidth` for the interface from the CLI (instructions below), remove the widget for it from the GUI and add it again and let me know if that helps? If it does work, then it is likely an issue that we are looking to fix in a subsequent patch. 

 

To disable `monitor-bandwidth` for an interface:

> config system interface

> edit [insert port you want to edit]

> set monitor-bandwidth disable

> end

OH THANK YOU! Now widget are ok!!!

 

PTM
New Contributor II

Upgraded my home/lab FG-60E from FOS-6.2.3 to FOS-6.4.0, and it no longer picks up a DHCP IP address from the ISP. As everyone is working/studying/NetFlix-ing from home at the moment, I can only have the router down for a few minutes before people start shouting at me, but some basic troubleshooting and it looks like FGT isn't sending DHCP REQUEST packets.

 

Anyone seen anything like this?

 

I'll try again tomorrow and do some decent T/S.

 

PTM.

Magnitude_8
New Contributor II

I've upgraded a customer's 200E to FortiOS 6.4.0 and have found that iOS devices will no longer pass HTTP/HTTPS traffic when connected to a guest VLAN. The logs indicate DNS lookups are working, but no web traffic. Strange thing is that everything works fine on the corporate VLAN.

 

A packet capture on the guest VLAN doesn't reveal any web traffic is hitting the firewall, but this issue coincides with the firmware upgrade, so I find it hard to believe the issue is elsewhere.

 

Has anyone come across any issues with iOS devices on FortiOS 6.4.0?

Top Kudoed Authors