Helpful ReplyHot!FortiOS 6.0.4 is out!

Page: 123 > Showing page 1 of 3
Author
Hosemacht
Bronze Member
  • Total Posts : 40
  • Scores: 1
  • Reward points: 0
  • Joined: 2017/04/18 04:06:13
  • Status: offline
2019/01/11 03:35:27 (permalink)
0

FortiOS 6.0.4 is out!

lots of bugfixes
 
https://docs.fortinet.com...release-notes/download
#1
BrUz
Gold Member
  • Total Posts : 399
  • Scores: 8
  • Reward points: 0
  • Joined: 2011/09/30 01:26:25
  • Location: Norway
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/11 04:04:06 (permalink)
0
Nice!
 
522576 GUI always loading VPN interface when there is over 5k VPN tunnel interfaces.
What a bug.. Who have over 5k VPN tunnel interfaces?
 
 

Fortigate <3
#2
mike_dp
Bronze Member
  • Total Posts : 29
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/02/22 12:26:22
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/11 07:41:11 (permalink)
0
Anyone tried it yet? We plan to try it in the next few days. Lots of bug fixes for sure!
#3
BrUz
Gold Member
  • Total Posts : 399
  • Scores: 8
  • Reward points: 0
  • Joined: 2011/09/30 01:26:25
  • Location: Norway
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/11 07:44:27 (permalink)
0
Tested 2*100e in lab, will test in production next week.

Fortigate <3
#4
SEI
New Member
  • Total Posts : 4
  • Scores: 2
  • Reward points: 0
  • Joined: 2017/08/23 07:13:24
  • Location: Switzerland
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/12 01:17:38 (permalink)
0
Had someone a chance to test authentication based on LDAP, which stopped working after 5.6.4 and 6.x.x
releases; but works fine in 5.6.3?
 
According to other threads in this forum, it is a confirmed bug and should be resolved in 5.6.8 but 6.0.x ?
The LDAP(S) authentication on our 1200D HA did not work on any 6.0.x releases so far.
(It does not work as we have a high number of groups user accounts are member of and probably it also dependts on how deep the nested group structure is)
#5
Jirka
Gold Member
  • Total Posts : 121
  • Scores: 4
  • Reward points: 0
  • Joined: 2014/07/09 11:34:53
  • Location: Czech Republic
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/12 08:11:27 (permalink)
0
Yesterday tested on 2x 200E (LDAP, 12x IPsec, SSL, Radius, deep inspection), 81E, 60E, 60D - not found any problems.
Pleasant surprise...
#6
Jirka
Gold Member
  • Total Posts : 121
  • Scores: 4
  • Reward points: 0
  • Joined: 2014/07/09 11:34:53
  • Location: Czech Republic
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/12 12:56:30 (permalink)
0
ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.
 

Jirka
 

Attached Image(s)

#7
SMabille
Silver Member
  • Total Posts : 69
  • Scores: 18
  • Reward points: 0
  • Joined: 2013/03/31 15:39:51
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 05:19:14 (permalink)
0
Hi,
 
Upgraded 60E (home lab) from 6.0.3 to 6.0.4:
- Had a chrome popup requesting access to webcam while moving around admin (device inventory) - not reproduced since.
- Massive amount of admin logging session from 127.0.0.1, only noticed when tried to log in after 20 hours and had warning maximum number of admin sessions (100) reached, checked the system log and attempt to open sessions from 127.0.0.1 about one per 30 sec / 1 minute.
 
Obviously really worried about firmware contains malware, opened ticker with Fortinet.
 
Anyone noticed similar behaviour? 
#8
SMabille
Silver Member
  • Total Posts : 69
  • Scores: 18
  • Reward points: 0
  • Joined: 2013/03/31 15:39:51
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 05:21:47 (permalink)
0
Hi,
 
Are you using local log storage, cloud or FortAnalyzer?
I can't see the same behaviour (works as expected for me) on 60E + FortiAnalyzer 6.0.3
 
Stephane 
 
sigmasoftcz
ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.
 

Jirka
 




#9
Jirka
Gold Member
  • Total Posts : 121
  • Scores: 4
  • Reward points: 0
  • Joined: 2014/07/09 11:34:53
  • Location: Czech Republic
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 05:30:57 (permalink)
0
Hi Stephane,

yes, we use FortiAnalyzer.
It is true that the problem can be even there. We also updated the FAZ to version 6.0.4. I will look at it.

Jirka
#10
Jirka
Gold Member
  • Total Posts : 121
  • Scores: 4
  • Reward points: 0
  • Joined: 2014/07/09 11:34:53
  • Location: Czech Republic
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 05:30:58 (permalink)
0
Hi Stephane,

yes, we use FortiAnalyzer.
It is true that the problem can be even there. We also updated the FAZ to version 6.0.4. I will look at it.

Jirka
#11
bommi
Gold Member
  • Total Posts : 143
  • Scores: 10
  • Reward points: 0
  • Joined: 2016/08/03 03:42:49
  • Location: Germany
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 06:31:54 (permalink)
0
SMabille
- Had a chrome popup requesting access to webcam while moving around admin (device inventory) - not reproduced since.
...
Obviously really worried about firmware contains malware, opened ticker with Fortinet.
 
Anyone noticed similar behaviour?



This is an expected behaviour.
Just go to "User & Device" --> "Custom Devices & Groups" --> Edit a Device --> Press the "Capture Image" Button.
 
No malware... Only a feature to capture an Image.
 
Regards
bommi
#12
SMabille
Silver Member
  • Total Posts : 69
  • Scores: 18
  • Reward points: 0
  • Joined: 2013/03/31 15:39:51
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 07:09:07 (permalink)
0
Hi,
 
Except I didn't select Capture image, and it doesn't explain the large number of self-admin logging using my credential from 127.0.0.1 even when not logged.
 
EDIT: Looks like the admin log ins have been solved upgrading FortiAnalyzer from 6.0.3 to 6.0.4
 
 
Thanks,
Stephane
 
bommi
SMabille
- Had a chrome popup requesting access to webcam while moving around admin (device inventory) - not reproduced since.
...
Obviously really worried about firmware contains malware, opened ticker with Fortinet.
 
Anyone noticed similar behaviour?



This is an expected behaviour.
Just go to "User & Device" --> "Custom Devices & Groups" --> Edit a Device --> Press the "Capture Image" Button.
 
No malware... Only a feature to capture an Image.
 
Regards
bommi




post edited by SMabille - 2019/01/14 07:31:43
#13
Jordan_Thompson_FTNT
optimizzz
  • Total Posts : 462
  • Scores: 16
  • Reward points: 0
  • Joined: 2011/10/17 21:30:20
  • Location: Canada
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 15:54:27 (permalink)
0
SMabille
Except I didn't select Capture image, and it doesn't explain the large number of self-admin logging using my credential from 127.0.0.1 even when not logged.

 
Depending on the browser, this prompt may appear just from loading the page. It is not malware.
 
SMabille
EDIT: Looks like the admin log ins have been solved upgrading FortiAnalyzer from 6.0.3 to 6.0.4
 



Correct, newer FortiAnalyzer firmware solves this problem.
#14
Jordan_Thompson_FTNT
optimizzz
  • Total Posts : 462
  • Scores: 16
  • Reward points: 0
  • Joined: 2011/10/17 21:30:20
  • Location: Canada
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/14 15:57:26 (permalink)
0
sigmasoftcz
ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.

 
Previous versions of FortiOS also did not do reverse DNS lookup on source IPs. This feature is for destination views.
#15
Jirka
Gold Member
  • Total Posts : 121
  • Scores: 4
  • Reward points: 0
  • Joined: 2014/07/09 11:34:53
  • Location: Czech Republic
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/15 00:52:46 (permalink)
0
Jordan_Thompson_FTNT
sigmasoftcz
ok, the first problem appeared. In version 6.0.4, IP addresses do not translate to DNS names at src address. This is happening in both FortiView and Logs section on all tested boxes.

 
Previous versions of FortiOS also did not do reverse DNS lookup on source IPs. This feature is for destination views.




Hi Jordan,
I disagree. In version 5.6.7, PTR records are beautifully visible. FortiView-> Traffic from WAN-> Source

 
Jirka

Attached Image(s)

#16
empolo
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/21 01:02:59
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/15 04:22:18 (permalink)
0
Hi
I cant seem to find the upgrade path to 6.0.4. I have version 6.0.2 installed on my 501E. Could i upgrade to 6.0.4 directly or should i first upgrade to 6.0.3 and then to 6.0.4?
#17
ddskier
Gold Member
  • Total Posts : 390
  • Scores: 16
  • Reward points: 0
  • Joined: 2007/04/10 08:18:06
  • Location: Chicago, IL
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/15 07:12:28 (permalink)
0
Go to support portal....  https://support.fortinet.com/Download/FirmwareImages.aspx
 
Click on the "Upgrade Path" tab and select your model, current firmware, and Upgrade To FortiOS Version.
Afterwards the page will display the correct upgrade path for you.
 
I'm going to guess that you can jump from 6.0.2 to 6.0.4.   The versions are pretty close.

-DDSkier

FCNSA, FCNSP
FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
#18
ghorchem
New Member
  • Total Posts : 18
  • Scores: 0
  • Reward points: 0
  • Joined: 2012/07/07 09:09:21
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/15 12:41:28 (permalink)
0
Captive Portal login with a local username and password on the Fortigate works. With LDAP remote authentication it fails. It did the same thing in 6.0.3 when will this be fixed. We have rolled back to 6.0.2
post edited by ghorchem - 2019/01/15 12:42:56
#19
hklb
Gold Member
  • Total Posts : 232
  • Scores: 29
  • Reward points: 0
  • Joined: 2014/06/10 15:00:59
  • Status: offline
Re: FortiOS 6.0.4 is out! 2019/01/15 12:47:25 (permalink)
0
ghorchem
Captive Portal login with a local username and password on the Fortigate works. With LDAP remote authentication it fails. It did the same thing in 6.0.3 when will this be fixed. We have rolled back to 6.0.2



Hi,
 
Did you open a support case?
 
Lucas
#20
Page: 123 > Showing page 1 of 3
Jump to:
© 2019 APG vNext Commercial Version 5.5