Fortinet opublikował właśnie aktualizację oprogramowania dla przełączników FortiSwitch oznaczoną numerem 6.2.1. Więcej informacji o nowościach w naszym artykule!
Nowości w FortiSwitchOS 6.2.0
- Możesz teraz skonfigurować jeden lub więcej serwerów DHCP na dowolnym interfejsie FortiSwitch
- Zyskaliśmy możliwość, aby wyczyścić statystyki portu dla wybranych portów w GUI
- Access VLAN są teraz obsługiwane na modelach: 108E, 124E, 108E-POE, 108E-FPOE, 124E-POE, 124E-FPOE, 148E i 148E-POE
- Strona Instancje STP (Switch> STP> Instances) wyświetla teraz porty dla każdej instancji STP
- RADIUS obsługuje teraz uwierzytelnianie EAP i uwierzytelnianie MAB
- Zarówno uwierzytelnianie oparte na portach 802.1x, jak i uwierzytelnianie oparte na MAC w standardzie 802.1x obsługują teraz CoA
- Protokół TLS 1.3 jest teraz obsługiwany
- Możesz teraz włączyć i skonfigurować zarządzanie FortiSwitch Cloud z linku w pulpicie nawigacyjnym
Rozwiązane problemy:
Bug ID | Description |
---|---|
527565 | When the MAC Authentication Bypass (MAC) is enabled, quarantining a host does not work. |
528983 | When IGMP snooping is enabled on a VLAN, reserved multicast packets are forwarded twice on the 124D, 224D-FPOE, 248D, 424D, 424D-POE, 424D-FPOE, 448D, 448DPOE, 448D-FPOE, 224E, 224E-POE, 248E-POE, 248E-FPOE models. |
539823 | The Cisco expansion module BEKEM cannot be powered up on a FortiSwitch unit. |
556617 | Rate-limiting a quarantined VLAN did not work. |
559354, 559783 | The IGMP snooping daemon crashes on the FortiSwitch-148E-POE model. |
560414 | After upgrading, the OSPF MD5 key configuration disappeared. |
Znane problemy do rozwiązania:
Bug ID | Description |
---|---|
414972 | IGMP snooping might not work correctly when used with 802.1x Dynamic VLAN functionality. |
382518,417024,
417073,417099, 438441 |
DHCP snooping and dynamic ARP inspection (DAI) do not work with private VLANs (PVLANs). |
480605 | When DHCP snooping is enabled on the FSR-112D-POE, the switched virtual interface (SVI) cannot get the IP address from the DHCP server.
Workarounds: —Use a static IP address in the SVI when DHCP snooping is enabled on that VLAN. —Temporarily disable dhcp-snooping on vlan, issue the execute interface dhcpclient-renew command to renew the IP address. After the SVI gets the IP address from the DHCP server, you can enable DHCP snooping. |
510943 | The time-domain reflectometer (TDR) function (cable diagnostics feature) reports unexpected values.
Workaround: When using the cable diagnostics feature on a port (with the diagnose switch physical-ports cable-diag CLI command), ensure that the physical link on its neighbor port is down. You can disable the neighbor ports or physically remove the cables. |
520954 | When a “FortiLink mode over a layer-3 network” topology has been configured, the FortiGate GUI does not always display the complete network. |
542031 | For the 5xx switches, the diagnose switch physical-ports led-flash command flashes only the SFP port LEDs, instead of all the port LEDs. |
548783 | Some models support setting the mirror destination to “internal.” This is intended only for debugging purposes and might prevent critical protocols from operating on ports being used as mirror sources. |
561745 | The FS-248E-FPOE model does not display ports 39-48 on the switch faceplate on the System > Dashboard page. |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie