Hot!FortiOS 7.0 is out !!!

Author
mike_dp
Silver Member
  • Total Posts : 63
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/02/22 12:26:22
  • Status: offline
2021/03/31 12:52:18 (permalink)
0

FortiOS 7.0 is out !!!

Who's going first?
 
My first reaction :

Attached Image(s)


Fortigate : 80E, 80F, 100E, 300E
FortiAnalyzer, ForticlientEMS
#1

10 Replies Related Threads

    emnoc
    Expert Member
    • Total Posts : 6097
    • Scores: 414
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: online
    Re: FortiOS 7.0 is out !!! 2021/03/31 13:42:20 (permalink)
    0
    We will go to 7.0.1 when that maintenance release comes out. I was hoping the ftnt demo FGT200E would already be on 7.0 but I guess even FTNT is hesitate to upgrade and in fact they are still running 6.4.3 on that beast
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #2
    Kenundrum
    Gold Member
    • Total Posts : 167
    • Scores: 23
    • Reward points: 0
    • Joined: 2008/05/15 10:25:50
    • Location: Rhode Island, US
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/04/01 01:40:24 (permalink)
    0
    I put it on my home 60E. First impressions so far- it works. No deal breaker crashes yet. A bunch of quality of life updates like more color schemes and snappier UI are helpful.
    The migration of interfaces to zones and related features is promising and should help reduce the need to do lots of find/replace inside a config file.

    I mainly wanted to try zero trust networking to see if they can live up to the hype. So far I'm severely disappointed. There is next to no documentation available on that feature and it's not obvious how exactly to set it up. The documentation available for 7.x has a bunch of typos.

    CISSP, NSE4
     
    #3
    bws
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2015/05/01 01:56:52
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/04/01 09:52:53 (permalink)
    0
    Does anyone know if older FAPs do not work anymore? Upgrade of FWF60E went fine but the FAP24D and FAP321C, both v6.0-build0044 did not connect, also after a reboot of the access points.
    It is possible to create profiles for these access points but without getting a connection to the FWF60E.
    #4
    mike_dp
    Silver Member
    • Total Posts : 63
    • Scores: 2
    • Reward points: 0
    • Joined: 2016/02/22 12:26:22
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/04/01 10:12:30 (permalink)
    0
    Release notes of FortiOS 7.0 says it support FortiAP 5.6+ so I think it should work. It looks like a new bug. You should open a case with TAC.

    Fortigate : 80E, 80F, 100E, 300E
    FortiAnalyzer, ForticlientEMS
    #5
    TecnetRuss
    Silver Member
    • Total Posts : 50
    • Scores: 16
    • Reward points: 0
    • Joined: 2017/02/27 13:14:44
    • Status: online
    Re: FortiOS 7.0 is out !!! 2021/04/01 15:33:25 (permalink)
    0
    I had a chance to test out the built-in ACME/Let's Encrypt cert generation and it seems to work well even for dynamic fortiddns.com or float-zone.com names, although we'll have to wait 60-90 days to ensure the auto-renewal works reliably.  It's handy to have a valid cert for admin and SSL-VPN for small clients.
     
    https://docs.fortinet.com/document/fortigate/7.0.0/new-features/822087/acme-certificate-support
     
    Russ
    NSE7
    post edited by TecnetRuss - 2021/04/01 15:36:10
    #6
    Jirka
    Gold Member
    • Total Posts : 186
    • Scores: 7
    • Reward points: 0
    • Joined: 2014/07/09 11:34:53
    • Location: Czech Republic
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/04/26 08:30:47 (permalink)
    0
    Hello,
    please anyone know when to be ETA FortiOS 7.0 for 80 / 81F?
    Thanks.

    Jirka
    #7
    Leeos
    New Member
    • Total Posts : 13
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/05/20 13:08:39
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/05/02 21:42:02 (permalink)
    0
    I had the same problem. Only FAPs E version work. Any solution?
     
    post edited by Leeos - 2021/05/02 21:51:00
    #8
    SJFriedl
    Bronze Member
    • Total Posts : 29
    • Scores: 0
    • Reward points: 0
    • Joined: 2015/12/10 14:13:55
    • Location: Southern California USA
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/05/03 09:12:01 (permalink)
    0
    Leeos
    I had the same problem. Only FAPs E version work. Any solution?

    FortiOS 7 disables some ciphers that you have to enable to run the older APs, at least for long enough to get their firmware upgrade to support better ciphers.
     
    Ref: https://kb.fortinet.com/k...amp;externalId=FD52029
    #9
    thuynh_FTNT
    Silver Member
    • Total Posts : 68
    • Scores: -2
    • Reward points: 0
    • Joined: 2014/02/05 09:30:09
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/05/06 17:39:25 (permalink)
    0
    bws
    Does anyone know if older FAPs do not work anymore? Upgrade of FWF60E went fine but the FAP24D and FAP321C, both v6.0-build0044 did not connect, also after a reboot of the access points.
    It is possible to create profiles for these access points but without getting a connection to the FWF60E.


    Yes, this is a known behaviour documented in the FortiOS 7.0.0 Release note here. You may need to upgrade your FAP firmware so it can support the new strong crypto cipher requirement, or a work around is to disable strong crypto on the FortiGate as suggested abovee. You can see full details here.
    https://docs.fortinet.com...quirements-for-fortiap
    #10
    thuynh_FTNT
    Silver Member
    • Total Posts : 68
    • Scores: -2
    • Reward points: 0
    • Joined: 2014/02/05 09:30:09
    • Status: offline
    Re: FortiOS 7.0 is out !!! 2021/05/07 14:18:57 (permalink)
    0
    Kenundrum
    I put it on my home 60E. First impressions so far- it works. No deal breaker crashes yet. A bunch of quality of life updates like more color schemes and snappier UI are helpful.
    The migration of interfaces to zones and related features is promising and should help reduce the need to do lots of find/replace inside a config file.

    I mainly wanted to try zero trust networking to see if they can live up to the hype. So far I'm severely disappointed. There is next to no documentation available on that feature and it's not obvious how exactly to set it up. The documentation available for 7.x has a bunch of typos.



    Hi there, sorry for the delay in the documentation on ZTNA but it's available now here.
    https://docs.fortinet.com/document/fortigate/7.0.0/new-features/317228/zero-trust-network-access

     
    Note that you will also need to setup EMS and FortiClient in order to fully utilize the feature.
    https://www.fortinet.com/...rticlient#models-specs
    #11
    Jump to:
    © 2021 APG vNext Commercial Version 5.5