Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
NapaCab
New Contributor

TLSv1.3 is now an approved standard how will D & E series 5.6 Fortigates deal with it?

Now that the standard has been ratified, how will the Fortigate D (CP8) and Fortigate E series (CP9) deal with TLSv1.3?

 

 

23 REPLIES 23
x_member
Contributor

Philippe_Gagne

Hi,

 

On my side, I received a IPS Engine update file from the TAC. Executed two commands in CLI and reboot the fortigate. Deep-inspection is now working well with Facebook, Gmail and all other TLS 1.3 enabled sites! 

 

I'm waiting for an answer about the file they gave me: is this file is model related or I can use it in all my Fortiges.

 

Philippe

 

bommi

Hi,

 

can you tell us the version of ipsengine you got from TAC?

 

Best Regards

Dominik

NSE 4/5/7

NSE 4/5/7
Philippe_Gagne

Hi Dominik,

 

The file name is: flen-560-3.516.pkg. So, in the Fortigate, it's named Version 3.00516. 

 

If I take a look in another 5.6.3 Fortigate, original version look like Version 3.00442.

 

I receive the confirmation from the TAC: I can install this in any models. 

 

Thanks

 

Philippe

kurtli_FTNT

Hi guys,

   Thanks for the concern on Tls1.3. But the engine 3.00516/7 is not fully ready for tls1.3 yet, our IPS team is still working on it. 

 

 

Regards

Philippe_Gagne

Hi,

 

Do you know if there is any new version/interim? Actually, the version 3.00516 is now the one deployed by Fortiguard. 

 

Thanks

 

Philippe

kurtli_FTNT

Hi Philippe,

   The latest version of IPS engine now is  3.00518.

 

 

Thanks

Philippe_Gagne

Hi,

 

Is this version (or newer) will be released soon? 

 

thanks

 

Philippe

 

romanr

Hey,

 

I doubt that only the IPS engine will bring full TLS 1.3 compatibility.... I guess Fortigate is using mostly openssl and the new librarie will need to go into the firmware...

 

Br,

Roman

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors