Helpful ReplyHot!Is FortiOS 6.0.8 also affected by random RDP disconnects?

Author
PurpleShirt
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Status: offline
2020/03/30 06:21:43 (permalink) 6.0
0

Is FortiOS 6.0.8 also affected by random RDP disconnects?

Hi community
 
we have a FortiGate 200D with ~30 SSL VPN Users. We have a problem that we're unable to find the cause of. All connected users are getting disconnected all at once several times during the day. It's not possible for them to work like this.
 
I want to upgrade the firmware of our firewall, to see if the problem can be solved by that. In the known issues of the version 6.0.9 it says that it also has the problem with the random disconnects. I want to avoid those problems and have a stable infrastructure, so I'm tempted to try version 6.0.8. In the known issues section of 6.0.8 there's no mention of RDP Problems.
 
I wanted to ask if those issues are exclusive to 6.0.9 or is version 6.0.8 also affected by them?
 
Thank you.
#1
Philippe Gagne
Bronze Member
  • Total Posts : 50
  • Scores: 4
  • Reward points: 0
  • Joined: 2015/06/25 17:55:25
  • Location: Trois-Rivieres
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/03/30 06:54:23 (permalink) ☄ Helpfulby PurpleShirt 2020/03/30 15:07:05
0
Hi,
 
I got the same problem with RDP in 6.0.8 and 6.0.9. Issue started in 6.0.8.
 
Fortinet will fix in 6.0.10 or, if you can't wait, you have to call TAC, I got a custom 6.0.9 FortiOS version that fixes this issue. Everything works fine since I upgraded with the custom build.
 
Regards,
 
Philippe
 
#2
Toshi Esumi
Expert Member
  • Total Posts : 2087
  • Scores: 190
  • Reward points: 0
  • Joined: 2014/11/06 09:56:42
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/03/30 08:03:40 (permalink)
0
Just FYI: I've heard from FTNT SE that the current 6.0.10 target release date is in early June.
#3
ede_pfau
Expert Member
  • Total Posts : 6267
  • Scores: 526
  • Reward points: 0
  • Joined: 2004/03/09 01:20:18
  • Location: Heidelberg, Germany
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/03/30 13:54:11 (permalink)
0
hmmm...if you read what Bogdan posted today (same problem, remedy) then it might mitigate your situation a bit.
 
At first I didn't understand how RDP interruptions and missing blackhole routes play together. Now, I think that the RDP problems are caused by some firmware bug (possibly fixed in v6.0.10) but...their effect is more serious if you do not install blackhole routes.
That's because when the session is interrupted (the dialup tunnel is closed) the FGT will send traffic out the WAN interface where the default route points to. Thus, a session is established. When the tunnel comes up again (maybe in a second or so) it cannot reestablish the session because there is already a valid session active for this traffic. Only after a timeout the session can be built up across the tunnel, and the application continues to run. The net effect is that the connection stalls for quite some time.

Ede

" Kernel panic: Aiee, killing interrupt handler!"
#4
PurpleShirt
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/03/30 15:08:46 (permalink)
0
pgagne@androide.com
Hi,
 
I got the same problem with RDP in 6.0.8 and 6.0.9. Issue started in 6.0.8.
 
Fortinet will fix in 6.0.10 or, if you can't wait, you have to call TAC, I got a custom 6.0.9 FortiOS version that fixes this issue. Everything works fine since I upgraded with the custom build.
 
Regards,
 
Philippe
 




Hi Philippe
 
thank you for your input. I contacted technical support, and they gave me the special build 6.0.9, where this issue is resolved.
 
I will update this thread once I've upgraded the firmware and tested it a few days.
#5
PurpleShirt
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/04/01 03:41:30 (permalink)
0
Hi guys,
 
so I wanted to share a little update.
 
We still had mass disconnects, even after installing the latest upgrade.
We had a remote session with a fortinet engineer. He suggested us to try to connect with our second WAN interface, as our config seemed fine. We tried that and it worked like a charm.
We opened a ticket with our primary ISP, and they told us that they see many drops on the router. They're now checking why this happens.
 
Maybe this information can help someone, who's facing similar issues.
#6
mr_vaughn
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/01/06 11:13:49
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/04/01 18:34:08 (permalink)
0
Do you have SDWAN enabled or multiple ISP's?
 
 
if so try this. Seems to have worked for us in similar issues with multiple clients and SSl VPN disconnects
https://vata.com/knowledge-base/stop-fortinet-forticlient-disconnects/
 
#7
Baptiste
Gold Member
  • Total Posts : 171
  • Scores: 13
  • Reward points: 0
  • Status: offline
Re: Is FortiOS 6.0.8 also affected by random RDP disconnects? 2020/04/06 00:22:05 (permalink)
0
Hi 
I got an interim update from support( FGT_100D-v6-build8661-FORTINET.out ) .
I was running 6.0.9 on a 100D cluster
Since update last wednesday, no more disconnection on RDP session 

2 FGT 100D  + FTK200
3 FGT 60E 
FAZ VM 
some FAP 210B/221C/223C/321C/421E
#8
Jump to:
© 2020 APG vNext Commercial Version 5.5