Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Fullmoon
Contributor III

Created on ‎10-09-2019 05:06 PM

FortiOS 6.2.2 is out

 

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/2e118d36-bde1-11e9-8977-005056...

Fortigate Newbie

Fortigate Newbie
29371
0 Kudos
5 Solutions
simonorch
Contributor
In response to bascheew

Created on ‎10-10-2019 11:38 AM

Upgraded my lab 60E and noticed either a deliberate change in behaviour or a bug but i couldn't find it in the notes.

 

when dhcp dns settings are at default (same as system dns) and the WAN/internet connection retrieves dns servers from dhcp, the previous behaviour was for the dhcp aquired dns servers to be used in internal dhcp scopes. Now it uses the configured system dns (fortiguard by default), which could be fatal for users if you have restricted dns traffic in your policies

 

I haven't tested this on any other boxes to confirm so i could be mistaken but be aware

View solution in original post

16446
0 Kudos
bascheew
New Contributor III
In response to Jirka1

Created on ‎10-10-2019 12:05 PM

Another bug.  In IPS, the severity column is blank!  You can't filter on severity as a result.

 

View solution in original post

Preview file
175 KB
16446
0 Kudos
neonbit
Valued Contributor
In response to bascheew

Created on ‎10-10-2019 07:05 PM

bascheew wrote:

Another bug.  In IPS, the severity column is blank!  You can't filter on severity as a result.

 

I can confirm I'm seeing the same thing. No severity or targets are populated in the GUI for IPS signatures so you can't filter on them.

 

*edit* Yup it's a known bug, scheduled to be fixed in 6.2.3.

View solution in original post

16446
0 Kudos
bascheew
New Contributor III
In response to thuynh_FTNT

Created on ‎10-25-2019 01:24 PM

thuynh wrote:

Hi bascheew, we could not reproduce the issue in our lab. Can you provide more details on your config (FGT model, FAP model, how's the FAP profile is setup, etc). Does it happen to new FAP profile? Your gif also doesnt work. 

 

The Fortigate is 500e, APs are 421E.  I cloned the profile and the same thing happened on the cloned profile.  Let's see if this GIF works:

 

View solution in original post

16446
0 Kudos
thuynh_FTNT
Staff
Staff
In response to richinnz

Created on ‎10-28-2019 02:40 PM

Hi Richard, this is just a display issue. You should still be able to configure IPS profile and the feature still works as before.

View solution in original post

16446
0 Kudos
27 REPLIES 27
bascheew
New Contributor III

Created on ‎10-09-2019 09:39 PM

I think I found a bug.

 

On AP Profiles, if SSIDs are manually assigned and you choose to view the profile, the SSID fields will be blank and if you press OK then you save the profile with no SSIDs.  If you're not paying attention you'll easily miss that you just removed any SSIDs!

 

See attached gif for how to reproduce:

6595
0 Kudos
simonorch
Contributor
In response to bascheew

Created on ‎10-10-2019 11:38 AM

Upgraded my lab 60E and noticed either a deliberate change in behaviour or a bug but i couldn't find it in the notes.

 

when dhcp dns settings are at default (same as system dns) and the WAN/internet connection retrieves dns servers from dhcp, the previous behaviour was for the dhcp aquired dns servers to be used in internal dhcp scopes. Now it uses the configured system dns (fortiguard by default), which could be fatal for users if you have restricted dns traffic in your policies

 

I haven't tested this on any other boxes to confirm so i could be mistaken but be aware

16447
0 Kudos
Jirka1
Contributor III
In response to simonorch

Created on ‎10-10-2019 11:57 AM

Finally add support for wildcard FQDN addresses in firewall policy!

6595
0 Kudos
bascheew
New Contributor III
In response to Jirka1

Created on ‎10-10-2019 12:05 PM

Another bug.  In IPS, the severity column is blank!  You can't filter on severity as a result.

 

Preview file
175 KB
16447
0 Kudos
tanr
Valued Contributor II
In response to bascheew

Created on ‎10-10-2019 06:57 PM

bascheew, just want to confirm that you still see those two issues after you clear your browser cache?
6595
0 Kudos
bascheew
New Contributor III
In response to tanr

Created on ‎10-10-2019 07:03 PM

I just tried clearing my cache and the issues are still there.  I then switched from Chrome to Edge and the problem still happens there too.  I tried creating a new IPS sensor and the problem still happens.

 

Also notice that in the IPS screenshot that the "Target" column is also blank.

6595
0 Kudos
neonbit
Valued Contributor
In response to bascheew

Created on ‎10-10-2019 07:05 PM

bascheew wrote:

Another bug.  In IPS, the severity column is blank!  You can't filter on severity as a result.

 

I can confirm I'm seeing the same thing. No severity or targets are populated in the GUI for IPS signatures so you can't filter on them.

 

*edit* Yup it's a known bug, scheduled to be fixed in 6.2.3.

16447
0 Kudos
ede_pfau
SuperUser
SuperUser
In response to neonbit

Created on ‎10-11-2019 04:43 AM

@simonorch:

FW01 (mgmt) # sh
config system interface
    edit "mgmt"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh
        set type physical
        set dedicated-to management
        set role lan
        set snmp-index 1
        set ap-discover disable
    next
end

FW01 (mgmt) # set dns-server-override
enable     Use DNS acquired by DHCP or PPPoE.
disable    No not use DNS acquired by DHCP or PPPoE.

I think (prior to reading the docs, as always) that this is the switch you need. Maybe it's default has changed. Wouldn't be the first time a default value had changed.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
6595
0 Kudos
simonorch
Contributor
In response to ede_pfau

Created on ‎10-11-2019 11:23 AM

@ede_pfau

 

just checked 6.0 docs and enabled by default and after checking in cli is still default in 6.2.2, that means it sounds like dns override might be broken

6595
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.