W dniu 02.11 Fortinet publikuje nową wersję oprogramowania dla FortiManager oznaczoną numerem 6.0.3. W nowej wersji administratorzy zyskują możliwość zezwalania na granularne uprawnienia przypisane do urządzenia, oraz do uruchamiania skryptów na tychże urządzeniach lub pakiecie polityk. Poza tym oprogramowanie zostało ulepszone poprzez wyeliminowanie błędów wykrytych w poprzedniej wersji softu, o czym możemy przeczytać w release notes. Zapraszamy do lektury!
Rozwiązane problemy:
Bug ID Description
304522 Wildcard admin is unable to approve a workflow session.
413390 FGFM connection flapping when FortiGate is moved to another ADOM.
434984 Unable to create/edit/delete ADOMs when system setting is read only.
439512 FortiManager attempts to delete user groups that are used only under system admin, if not defined in the management VDOM.
450434 The „wtp-mode” option is unset after change of AP config from AP Manager.
451684 List all conflicting Global assigned objects in Import Wizard and report.
453417 Import of PKCS #12 local certificate failed.
474629 When Security Profile Groups are created on FortiManager, all Security Profile Groups are pushed to all FortiGate units on next policy push.
480400 Device Manager > System Information does not display correct FortiGate system time.
481901 Add a CLI command to reset hitcount for all ADOMs and dbcache.
485859 Should remove Botnet from Application Control for 5.6/6.0 ADOMs.
491926 Rename ADOM interface during Import Policy may fail to add policy.
492893 Installing custom IPS and AppCtl signatures with the same Attack ID will fail installation or not function correctly on FortiGate.
494108 When adding an interface to a zone, the Block intra-zone traffic option is unset.
494253 Some service objects are not visible in GUI of specific ADOMs when backend has invalid service config.
499053 Wrong interface-pair view for Proxy Policy.
499066 Can’t verify PKI admin client certificate, if the CA chain has more than 2 certificates.
499341 A new LDAP admin user with GUI access is using an admin profile of a previously created LDAP admin user.
499568 Missing Guest Management support in FortiManager Policy & Objects tab.
500480 After editing an address that is used in an address group, the status did not change for 'Policy Package Status’.
501096 Policy package status of all devices going in Modified state when policy package is imported for new devices.
501467 Application fgdsvr crashes several times per day – parseFragment: url index out of range.
501485 ADOM upgrade from 5.4 to 5.6 tries to change 'Web Filter Local Category’ ID from 179 to 192.
503072 Application crond crashes are caused by hitcount updates.
504394 AP Manager – WiFi profile FAP221E does not display RADIO 2 option.
504422 Install verification fails after FortiGate HA failover due to vdom-link macaddr mismatch.
504541 Page is not loading properly for AP profiles under AP Manager in 5.2 ADOM.
504636 Some address objects are not visible in GUI of specific ADOMs when backend has invalid address config.
504999 Install SD-WAN static route to FortiGate failed.
505004 Columns overlap in policy list page.
505276 VPN Monitor stuck loading for 5.2/5.4 ADOMs.
507075 Upgrade of ADOM 'root’ from 5.6 to 6.0 hangs and crashes svc cdb reader.
507092 FortiManager cannot show 1 ADOM interface page when interface dynamic mapping is missing device information.
507300 FortiManager should not download the FortiGate delta package from FortiGuard.
507394 FortiManager displays the „Error:response with errors” error when creating a new script that is over the tablesize limit.
507628 After successful installation, device config status may show as out of sync or modified or conflict
507919 Need to import firewall internet-service-custom, although it is not directly used by firewall policy.
508810 Administrative Distance is missing for Static Route with Destination type Named Address.
509173 Policy package installation for root ADOM fails after upgrading from 5.4.5 to 5.6.4.
509185 FortiManager installs default certificate instead of dynamically mapped certificate that is used in dynamically mapped virtual server.
509769 5.4 ADOM cannot assign profile to FAP221.
509854 If firewall address groups are recursively defined (for example, its member contains itself), this causes the security console to crash.
510641 Edit policy and click OK. The table scrolls back to top.
510910 When a new object is created from an IPv4 policy, the previous content of the related field is cleared.
510929 GUI Import wizard should display „Renamed Objects” before importing objects.
510936 Adding a new device to address object dynamic mapping sets the interface to 'any’ for previous associated devices.
511170 FortiAnalyzer/Fortimanager cannot sync with some NTP servers.
511753 SNMP event power-supply-failure is missing for some devices.
513243 On the device level interface config page, the allow access config cannot disable HTTP.
513255 GUI slowness is caused by viewing, editing, or cloning IPsec phase1/phase2 in Device Manager.
514300 The log FortiAnalyzer filter setting cannot be retrieved or configured on FortiManager.
516789 Fabric Connector for VMWare NSX not importing any object and displays error message 'Internal Error’ for NSX version 6.3.3.
516889 FortiManager will use FortiGuard update for FortiGate certificate bundle support.
517204 Add/Retrieve fails with „data not exist” if „external-resource” category is used in „ftgd-dns filters” in DNS filter.
517235 Device Manager System DHCP Server Lease Time changes not editable via GUI.
517243 Refreshing „Policy & Objects” pane clears the „Last Modified” tab on the policies.
517533 Cannot specify more than one DNS server in AP Manager SSID profile.
518668 Inconsistent user-database options when configuring a local Authentication Scheme.
519188 RADIUS VSA attributes can be used to gain read-write access to all ADOMs.
519206 Web Server Error 500 when trying to filter device Session List.
Znane problemy do rozwiązania:
Bug ID Description
478257 VPN Manager should filter out invalid interfaces for the default VPN interface.
501202 AP Manager Wifi profiles missing LAN ports configuration settings on FortiManager GUI.
507629 Clicking the Cancel button in the Install wizard causes task errors.
510663 Despite the FDS proxy settings, FortiManager is attempting to connect directly to the productapi.fortinet.com.
517232 Invalid Source/Destination „Negate Cell” option for certain policy types and missing „Negate Cell” for IPv4 policy source address.
518680 IP Pool not imported due to error create mapping fail related to „arp-intf” which is a members of a zone setting in ippool.
519108 Scheduled Remote CLI Scripts are struck at 1%.
522310 B255: Unable to edit Global ADOM DB to change global version from GUI.
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie