Fortinet udostępnił nową wersję oprogramowania dla produktu FortiAuthenticator w wersji 6.0.5. W tej wersji oprogramowania producent udostępnił funkcję PUSH PROXY FTM. FortiAuthenticator wysyła teraz żądanie push FortiToken do serwera proxy FortiGuard/ FortiCloud. Aby obsługiwać funkcję FTM push, FortiAuthenticator musi mieć możliwość uzyskania dostępu do push.fortinet.com przez TCP / 443. W aktualizacji naprawiono błąd procesu Winbind child, który wykorzystywał 75%+ zasobów CPU.
Rozwiązane problemy:
| Bug ID | Description |
|---|---|
| 583516 | Gateway timeout error when downloading user audit report. |
| 604394 | Winbind child process spikes CPU to 75%+. |
| 626680 | Block/Warn on „firmware drive too small” KVM upgrades. |
Znane problemy do rozwiązania:
| Bug ID | Description |
|---|---|
| 445313 | Default behavior for FTM de-provision. |
| 478985 | FortiAuthenticator Windows Agent sometimes doesn’t see the domain name and user is not able to login. |
| 490281 | GUI issue with FortiAuthenticator logging. |
| 510931 | Monitor – Authentication – Windows AD statuses are unclear. |
| 512913 | One of the cluster units doesn’t send traps while acting as primary. |
| 519319 | FortiAuthenticator is crashing every time when the LDAP Remote user sync rules are supposed to run. |
| 526202 | FortiAuthenticator does not check if signature of CSR is valid. |
| 526662 | FortiAuthenticator SNMP TRAP on disk failure or / and SNMP OID for disk status. |
| 528231 | Log showing can not add any more users because limit of 1100 has been reached. |
| 528352 | FortiAuthenticator HA CLI errors. |
| 529178 | FortiAuthenticator 5.5.0 search for serial number in certificate subject. |
| 532652 | Users Audit Report not working on load-balancer of LB cluster. |
| 536211 | Limit FSSO password to 15 characters since that is the limit on the Fortigate. |
| 538059 | Importing an ECDSA-signed certificate/key causes an error dump. |
| 540932 | FSSOMA nested group search failing if nested via primary group. |
| 541884 | FortiAuthenticator drops connection to FGT with error „sock_recv() failed, error: 104”. |
| 543729 | RADIUS client service not working after upgrade. |
| 544691 | Remote LDAP admins have no certificate bindings. |
| 544851 | HA re-enable and interface in use. |
| 546764 | Non-ASCII characters in replacement messages cause line-break in the middle of a URL in emails. |
| 551478 | FortiAuthenticator VM upgrade from 4.0 b6237 to 6.0 b010 not successful. |
| 551706 | FortiAuthenticator LB HA Cluster cannot have two remote admins with same username when 2FA FortiToken is enabled. |
| 554282 | Should have similar log messages for remote sync rule when either admin or non-admin role is assigned to imported user. |
| 555180 | Push notification certificates not restored to disk following model conversion. |
| 555320 | Captive PortalTime schedule for Device only (MAC address) failing. |
| 561563 | Guest portal authentication fails with „HTTP 500” if user’s name contains non-ASCII characters. |
| 561588 | Adding SMS license shows „connection timeout” in the GUI. |
| 563330 | Error while accessing Authentication > Remote Users. |
| 565635 | When FortiAuthenticator receives AVP with multiple VSA for MSCHAP-v2, it rejects the second request (response to challenge). |
| 566145 | Usage Profile „TIME USAGE=Time used” is not triggering COA or Disconnect request to Fortigate. |
| 566500 | Activation Failed. FTM Server: provision code not exist (40). |
| 567157 | Trusted CA import shows pending when certificate is using SHA512 as hash. |
| 567493 | EAP-TLS authentication does not check AuthorityKeyIdentifier when matching allowed/trusted CAs. |
| 568479 | EAP-TLS – deletion of local CA#1 breaks authentication for local CA#2 with identical subject. |
| 569420 | Certificate upload to FAC in PKCS#12 format fails. |
| 570138 | Local users screen goes crash intermittently. |
| 571537 | Smart Connect profile is not working with MAC computer. |
| 573278 | GUI SSO Portal Services page hiding elements. |
| 574824 | No more than 20 Realms can be present in RADIUS client settings. |
| 575996 | FortiAuthenticator as RSSO > FSSO processing fails if fails RADIUS Accounting Sources is configured with FQDN instead of IP. |
| 576691 | Default Realm allowing RADIUS users to authenticate using non-existing realms. |
| 577590 | FortiGuard server failed sending SMS because message is too long. |
| 581951 | Fortitoken Cloud status service error when no entitlement purchased |
| 581967 | FTM trial license activation: Disable „Cannot find req_trial_ftm task. It might have been removed”. |
| 582845 | Revoked local service certificates not in CRL. |
| 582850 | RADIUS attributes are not added in Access-Accept packet. |
| 583729 | Unable to import users into LDAP directory tree. |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie