Producent oprogramowania Fortinet udostępnił najnowszą wersję oprogramowania dla urządzeń FortiSwitch o numerze wersji 6.2.6. W najnowszej aktualizacji naprawiono błąd parity errors który powodował wzrost obciążenia procesora do 100%. Rozwiązano również błąd gdy zaufany host został dodany do profilu administratora, administrator nie mógł zalogować się do
FortiSwitch GUI lub CLI z FortiSwitch Cloud. Więcej informacji w dalszej części artykułu.
Co nowego:
FS-3032E może mieć do 64 trunków.
Wspierane modele:
FortiSwitch 1xx: FS-108E, FS-108E-POE, FS-108E-FPOE, FS-124E, FS-124E-POE, FS-124EFPOE, FS-148E, FS-148E-POE
FortiSwitch 2xx: FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248EFPOE
FortiSwitch 4xx: FS-424D, FS-424D-FPOE, FS-424D-POE, FS-424E, FS-424E-POE, FS-424EFPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448D, FS-448D-FPOE, FS-448DPOE, FS-448E, FS-448E-POE, FS-448E-FPOE
FortiSwitch 5xx: FS-524D-FPOE, FS-524D, FS-548D, FS-548D-FPOE
FortiSwitch 1xxx: FS-1024D, FS-1048D, FS-1048E
FortiSwitch 3xxx: FS-3032D, FS-3032E
FortiSwitch Rugged: FSR-112D-POE, FSR-124D
Rozwiązane problemy:
| Bug ID | Description |
|---|---|
| 621628 | Parity errors sometimes cause 100 percent CPU usage |
| 662110 | A Fortinet module is causing a critical-level message, “Non-Fortinet Module Inserted.” |
| 662294 | A read-only access profile group was included in the automatic configuration backup. |
| 663466 | You cannot use the zero-touch configuration in FortiSwitch Cloud to change the admin password. |
| 663493 | IPv6 link-local addresses were included in the L3 egress table, even though no IPv6 addresses were configured. |
| 666841 | Setting the STP state on a port, if that port is part of the FortLink uplink trunk, can occasionally cause a memory leak. |
| 670281 | STP states flap for the inter-chassis link (ICL) in a multiple-site FortiLink redundancy topology. |
| 672607 | After FortiSwitchOS is configured to force users to change their passwords when first logging in, the GUI does not prompt users to change their passwords. |
| 673673 | When a trusted host is added to the admin profiles, those admins cannot log in to the FortiSwitch GUI or CLI from FortiSwitch Cloud. |
| 680477, 680626 |
The list of time zones that can be selected in the FortiSwitchOS GUI and CLI should match the list available in FortiOS. |
| 683831 | The daemon for 802.1x port-based authentication occasionally crashes on the FS-448D-FPOE model. |
Znane problemy:
| Bug ID | Description |
|---|---|
| 382518, 417024, 417073, 417099, 438441 |
DHCP snooping and dynamic ARP inspection (DAI) do not work with private VLANs (PVLANs). |
| 414972 | IGMP snooping might not work correctly when used with 802.1x Dynamic VLAN functionality. |
| 480605 | When DHCP snooping is enabled on the FSR-112D-POE, the switched virtual interface (SVI) cannot get the IP address from the DHCP server. Workarounds: —Use a static IP address in the SVI when DHCP snooping is enabled on that VLAN. —Temporarily disable dhcp-snooping on vlan, issue the execute interface dhcpclient-renew command to renew the IP address. After the SVI gets the IP address from the DHCP server, you can enable DHCP snooping. |
| 510943 | The time-domain reflectometer (TDR) function (cable diagnostics feature) reports unexpected values. Workaround: When using the cable diagnostics feature on a port (with the diagnose switch physical-ports cable-diag CLI command), ensure that the physical link on its neighbor port is down. You can disable the neighbor ports or physically remove the cables. |
| 520954 | When a “FortiLink mode over a layer-3 network” topology has been configured, the FortiGate GUI does not always display the complete network. |
| 542031 | For the 5xx switches, the diagnose switch physical-ports led-flash command flashes only the SFP port LEDs, instead of all the port LEDs. |
| 548783 | Some models support setting the mirror destination to “internal.” This is intended only for debugging purposes and might prevent critical protocols from operating on ports being used as mirror sources. |
| 572052 | Backup files from FortiSwitchOS 3.x that have 16-character-long passwords fail when restored on FortiSwitchOS 6.x. In FortiSwitchOS 6.x, file backups fail with passwords longer than 15 characters. Workaround: Use passwords with a maximum of 15 characters for FortiSwitchOS 3.x and 6.x. |
| 585550 | When packet sampling is enabled on an interface, packets that should be dropped by uRPF will be forwarded. |
Notatki producenta FortiSwitch 6.2.6
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
