Helpful ReplyHot!FortiOS 5.6.0 GA is Out

Page: 12 > Showing page 1 of 2
Author
Alby23
Gold Member
  • Total Posts : 165
  • Scores: 7
  • Reward points: 0
  • Joined: 2016/06/24 08:57:33
  • Status: offline
BWiebe
Bronze Member
  • Total Posts : 58
  • Scores: 1
  • Reward points: 0
  • Joined: 2012/06/07 07:54:42
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/03/31 07:06:32 (permalink)
0
Gotta be a brave soul to have that on anything but a test box, for a few patch levels, anyways.
#2
Alby23
Gold Member
  • Total Posts : 165
  • Scores: 7
  • Reward points: 0
  • Joined: 2016/06/24 08:57:33
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/03/31 07:31:15 (permalink)
0
The FortiView functionality related to Physical and Logical Topology is awesome now.
AP and Switches seen as access devices and so on. Really good shot.
#3
emnoc
Expert Member
  • Total Posts : 4400
  • Scores: 249
  • Reward points: 0
  • Joined: 2008/03/20 13:30:33
  • Location: AUSTIN TX AREA
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/03/31 08:40:47 (permalink)
0
I would  try it but I see they silenltly drop the FWF60D model but the FGT60D is on the supported device list.
 
Ken

PCNSE6,PCNSE7, ACE, CCNP,FCNSP,FCESP,Linux+,CEH,ECSA,SCSA,SCNA,CISCA email/web
#4
dedmonds_FTNT
Bronze Member
  • Total Posts : 23
  • Scores: 0
  • Reward points: 0
  • Joined: 2004/08/26 10:01:41
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/03/31 08:49:30 (permalink)
0
The FWF-60D is a supported model.  It was accidentally missed in the release notes.  An updated copy will be posted today - March 31, 2017.
#5
Alby23
Gold Member
  • Total Posts : 165
  • Scores: 7
  • Reward points: 0
  • Joined: 2016/06/24 08:57:33
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/03/31 08:58:20 (permalink)
0
There is an ETA for FortiAnalyzer 5.6.0 GA?
 
It is mandatory in order to efficiently try the Security Fabric.
#6
slavko
Silver Member
  • Total Posts : 82
  • Scores: 6
  • Reward points: 0
  • Joined: 2014/08/09 01:05:35
  • Location: Montenegro
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/03/31 13:08:24 (permalink)
0
I hope that DDNS can finally discover when public IP changes on the ISP router's public interface, as tech support promised me. One of our customers was waiting for 5.6 just for this.
 
And I must say once again: GUI is just hideous and still has that "unfinished" feel to it, just like it did in version 5.4.0. I can't understand why so little attention is given to this.

NSE 4, NSE 5, NSE 7, FortiMail & FortiWeb Specialist
All oppinions/statements written here are my own.
#7
neonbit
Gold Member
  • Total Posts : 386
  • Scores: 26
  • Reward points: 0
  • Joined: 2013/07/02 21:39:52
  • Location: Dark side of the moon
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/01 03:44:36 (permalink)
0
Upgraded my FG800C and it's been humming away nicely. No problems with SSLVPN (FortiClient 5.6beta) and IPSEC VPNs (FG 5.4.4) so far.
 
The memory utilization dropped so much, was at 50% with normal traffic and now it's at 25%.
#8
MikePruett
Platinum Member
  • Total Posts : 674
  • Scores: 13
  • Reward points: 0
  • Joined: 2014/01/08 19:39:40
  • Location: Montgomery, Al
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/01 20:30:08 (permalink)
1 (1)
Did they fix the bug where if you put a block at the very top in NGFW mode it nukes the allows beneath?
 
IE, block porn as the very first policy but allows beneath it don't work either.

Mike Pruett
Fortinet GURU
#9
Ron_Uss
New Member
  • Total Posts : 10
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/04/28 01:43:24
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/03 00:42:00 (permalink)
0
Nice,... I'm testing it on my FWF-50E. But, where is FG200/201E?
#10
MikePruett
Platinum Member
  • Total Posts : 674
  • Scores: 13
  • Reward points: 0
  • Joined: 2014/01/08 19:39:40
  • Location: Montgomery, Al
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/03 11:05:41 (permalink)
0
Hurts that you can't use NGFW style policies with zones right now. It forces you to use the NAT table when you do that but it kinda doesn't work with zones. Spits out an error in the gui and the zone interface isn't even an option in the CLI.

Mike Pruett
Fortinet GURU
#11
Jordan_Thompson_FTNT
optimizzz
  • Total Posts : 444
  • Scores: 13
  • Reward points: 0
  • Joined: 2011/10/17 21:30:20
  • Location: Canada
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/03 11:40:54 (permalink)
0
We are reviewing support for Zones in central NAT rules (for NGFW) to see if it can be supported in a future release.
#12
MikePruett
Platinum Member
  • Total Posts : 674
  • Scores: 13
  • Reward points: 0
  • Joined: 2014/01/08 19:39:40
  • Location: Montgomery, Al
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/03 11:53:14 (permalink)
0
Thanks Jordan, Hopefully it can be as I use zones almost exclusively to consolidate and reduce policy counts.

Mike Pruett
Fortinet GURU
#13
PDG
Bronze Member
  • Total Posts : 36
  • Scores: 0
  • Reward points: 0
  • Joined: 2004/03/14 09:35:43
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/04 01:30:55 (permalink)
0
I'm also waiting for the 200E/201E.
#14
wcbenyip
Gold Member
  • Total Posts : 394
  • Scores: 4
  • Reward points: 0
  • Joined: 2004/12/27 23:02:51
  • Location: HKSARG
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/27 03:05:21 (permalink) ☄ Helpfulby slavko 2017/04/28 05:48:00
0
I just upgraded our box (200D, 100D, 80CM..) with the latest v5.6.0, and also upgraded the FA with the latest v5.4.2 (it needs to rebuild the DB for 2 days..) Everything seems good and the IPSec VPN, SSLVPN without any dropping after the upgrading.
 
I noticed that the "Threat Map" in v5.4.4 is gone once upgraded to v5.6.0... even it's somehow a gimmick, but it's nice if can keep in v5.6~
 
The Physical / Logical Topology is nice but I found it recognized the host in the wrong side... like an internal host located at the side of WAN1... I am not sure but I set the role as LAN for internal ports and the DMZ...
 
For the CSF (Cooperative Security Fabric).. seems I have to enable the FortiTelementry on interfaces and must to use OSPF rather than static routing.... still not yet fully experience the benefit / beauty of Security Fabric....

Protect yourself~ http://www.secunia.com
MBCS CEH FCNSA
#15
slavko
Silver Member
  • Total Posts : 82
  • Scores: 6
  • Reward points: 0
  • Joined: 2014/08/09 01:05:35
  • Location: Montenegro
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/28 05:49:08 (permalink)
0
Hello,
 
Can you please confirm that FortiAnalyzer 5.4.2 is able to collect logs from FortiOS 5.6? There's no such info in the Release Notes and compatibility matrix.
 
Thank you,
Slavko
post edited by slavko - 2017/04/28 05:59:08

NSE 4, NSE 5, NSE 7, FortiMail & FortiWeb Specialist
All oppinions/statements written here are my own.
#16
Sharoness
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2012/10/28 09:57:24
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/04/29 23:44:18 (permalink)
0
It does not collect logs! You have to wait till the GA of Forti OS 5.6 for Analyzer
#17
dominikw
Gold Member
  • Total Posts : 152
  • Scores: 5
  • Reward points: 0
  • Joined: 2007/10/04 02:47:16
  • Location: Poland
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/05/02 01:18:46 (permalink)
0
Hello,
 
I cannot find how to setup different ntp server than Fortiguard (i.e. pool.ntp.org). In GUI (FG 60D) custom is greyed out and info I should do this in CLI. But in CLI I can see only those options :
 
FGT-DW # config system ntp
FGT-DW (ntp) # show full-configuration
config system ntp    
set ntpsync enable    
set type fortiguard    
set syncinterval 60    
set source-ip 0.0.0.0    
set server-mode disable
end
FGT-DW (ntp) # set type ? 
fortiguard    FortiGuard.
custom        Custom server.
FGT-DW (ntp) # set type custom  <Enter>
FGT-DW (ntp) # set ? 
ntpsync         Enable/disable synchronization with NTP Server.
type            FortiGuard or custom NTP Server.
syncinterval    NTP synchronization interval.
source-ip       Source IP for communications to NTP server.
server-mode     Enable/disable NTP Server Mode.
 

Dominik Weglarz, IT System Engineer
#18
Alby23
Gold Member
  • Total Posts : 165
  • Scores: 7
  • Reward points: 0
  • Joined: 2016/06/24 08:57:33
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/05/02 02:57:04 (permalink)
0
config system ntp
set ntpsync enable
set type custom
set syncinterval 60
config ntpserver
edit 1
set server "ntp1.inrim.it"
next
end
end

Attached Image(s)

#19
dominikw
Gold Member
  • Total Posts : 152
  • Scores: 5
  • Reward points: 0
  • Joined: 2007/10/04 02:47:16
  • Location: Poland
  • Status: offline
Re: FortiOS 5.6.0 GA is Out 2017/05/02 03:34:25 (permalink)
0
Thank you.
 

Dominik Weglarz, IT System Engineer
#20
Page: 12 > Showing page 1 of 2
Jump to:
© 2017 APG vNext Commercial Version 5.5