B&B Bezpieczeństwo w biznesie
  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Audyt bezpieczeństwa informacji
    • Audyt- program Cyfrowa Gmina
    • Audyt konfiguracji Fortigate
    • Program Cyfrowy Powiat
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • RODO
  • Kontakt

Producent oprogramowania Fortinet, udostępnił najnowszą aktualizację dla urządzeń FortiSwitch o oznaczeniu 7.2.0. Dzięki nowszej wersji, zostały rozwiązane problemy dotyczące zużycia procesora przy korzystaniu z interfejsu graficznego. Ponadto integracja z serwerem LDAP, została skorygowana pod względem uwierzytelnia. Dzięki aktualizacji, na całej płaszczyźnie naprawiono działanie autoryzacji MAB (Mac-address Authentication Bypass), gdzie problemy występował głównie przy ponownym uruchomieniu urządzenia. Po więcej szczegółowych informacji, zapraszam do dalszej części artykuł.

Aktualnie wspierane modele:

FortiSwitch 1xx FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE
FortiSwitch 2xx FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE
FortiSwitch 4xx FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448E, FS-448E-POE, FS-448E-FPOE
FortiSwitch 5xx FS-524D, FS-524D-FPOE, FS-548D, FS-548D-FPOE
FortiSwitch 1xxx FS-1024D, FS-1024E, FS-1048E, FS-T1024E
FortiSwitch 3xxx FS-3032E
FortiSwitch Rugged FSR-112D-POE, FSR-124D

Rozwiązane problemy:

Bug ID Description
724558 A flash module failed and caused a complete network outage.
724813 The set enforce-first-as {disable | enable} command should have been placed under config neighbor and does not work in its current location (directly under config router bgp). There is no patch available for this issue.
741354 There is a segmentation fault when a packet is received for a deleted interface before the DHCP client module has removed that interface.
743749 When the network hub is disconnected and then reconnected, MAB sometimes does not work.
746584 An FS-448D cannot be access on an intermittent basis.
748177 When the network monitor is enabled, the MCLAG trunk becomes unstable.
748249 New CLI commands have been added under the config switch security command to control TCP and UDP ports.
752085 When the FortiSwitch unit sends the BPDU with the proposal bit on, it causes STP to be unsynchronized.
753630 MAB cannot be recovered after the daemon for 802.1x port-based authentication has crashed.
754232 Some FS-224D-FPOE switches have problems with checking the PSU GPIO.
759992 After the FortiSwitch unit is restarted, the memory usage increases, and users cannot access the FortiSwitch unit with the CLI or GUI.
760536 The SNMP trap for the power supply failing or being restored is using the wrong OID.
763264 Displaying the Switch > Port > Physical page or the dashboard causes high CPU usage.
763953 After the LDAP authentication succeeds, there is a “wrong username and password” error.
769733 The getnext query needs to be supported for OID .0/0.0.
771767 The switch cannot be accessed if the trusted host is not using /32.
787797 The FortiSwitch unit does not allow VTP traffic between Cisco switches.
796030 There is no response when SNMP polls a loopback interface.

Znane problemy:

Bug ID Description
382518, 417024, 417073, 417099, 438441 DHCP snooping and dynamic ARP inspection (DAI) do not work with private VLANs (PVLANs).
414972 IGMP snooping might not work correctly when used with 802.1x Dynamic VLAN functionality.
480605 When DHCP snooping is enabled on the FSR-112D-POE, the switched virtual interface (SVI) cannot get the IP address from the DHCP server.

Workarounds:
—Use a static IP address in the SVI when DHCP snooping is enabled on that VLAN.
—Temporarily disable dhcp-snooping on vlan, issue the execute interface dhcpclient-renew <interface> command to renew the IP address. After the SVI gets the IP address from the DHCP server, you can enable DHCP snooping.

510943 The time-domain reflectometer (TDR) function (cable diagnostics feature) reports unexpected values.

Workaround: When using the cable diagnostics feature on a port (with the diagnose switch physical-ports cable-diag <physical port name> CLI command), ensure that the physical link on its neighbor port is down. You can disable the neighbor ports or physically remove the cables.

542031 For the 5xx switches, the diagnose switch physical-ports led-flash command flashes only the SFP port LEDs, instead of all the port LEDs.
548783 Some models support setting the mirror destination to “internal.” This is intended only for debugging purposes and might prevent critical protocols from operating on ports being used as mirror sources.
572052 Backup files from FortiSwitchOS 3.x that have 16-character-long passwords fail when restored on FortiSwitchOS 6.x. In FortiSwitchOS 6.x, file backups fail with passwords longer than 15 characters.

Workaround: Use passwords with a maximum of 15 characters for FortiSwitchOS 3.x and 6.x.

585550 When packet sampling is enabled on an interface, packets that should be dropped by uRPF will be forwarded.
606044/610149 The results are inaccurate when running cable diagnostics on the FS-108E, FS-124E, FS-108E-POE, FS-108E-FPOE, FS-124E-POE, FS-124E-FPOE, FS-148E, and FS-148E-POE models.
609375 The FortiSwitchOS supports four priority levels (critical, high, medium, and low); however, The SNMP Power Ethernet MIB only supports three levels. To support the MIB, a power priority of medium is returned as low for the PoE MIB.
659487 The FS-124F, FS-124F-POE, and FS-124F-FPOE models support ACL packet counters but not byte counters. The get switch acl counters commands always show the number of bytes as 0.
673433 Some 7-meter DAC cables cause traffic loss for the FS- 448E model.
748210 After a third-party hub is disconnected and then reconnected, MAB sometimes does not work.
784585 When a dynamic LACP trunk has formed between switches in an MRP ring, the MRP ring cannot be closed. Deleting the dynamic LACP trunk does not fix this issue. MRP supports only physical ports and static trunks; MRP does not support dynamic LACP trunks.

Workaround: Disable MRP and then re-enable MRP.

793145 VXLAN does not work with the following:

  • log-mac-event
  • DHCP snooping
  • LLDP-assigned VLANs
  • NAC
793821 A “Failed to send l2mac trap” message is reported if log-mac-event is enabled on one port without the SNMP-related information being configured.
795041 The VM debug report (System > Debug Report) is missing information for many CLI commands.
798357 When multiple VXLAN configurations use the same remote-ip value, the VXLAN tunnels do not update the underlying SVI IP address.

Notatki producenta: FortiSwitch 7.2.0

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Post Views: 731

7.2.0 FortiSwitch FortiSwitch 7.2.0

Poprzedni artykułFortiAnalyzer 7.2.0Następny artykuł FortiAP 7.2.0

Najnowsze

FortiSwitch 7.0.627 stycznia 2023
NAKIVO Backup & Replication v10.825 stycznia 2023
ESET PROTECT Cloud 4.116 stycznia 2023

Kategorie

  • Acronis
  • Aktualności
  • Bez kategorii
  • ESET
  • F-Secure
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiClient
  • FORTIGATE
  • FORTIMAIL
  • FortiManager
  • FortiNAC
  • FORTISWITCH
  • FortiWeb
  • NAKIVO
  • Qnap
  • Stormshield
  • Szkolenia
  • Veeam
  • VMware

Tagi

6.0.6 6.2.1 6.2.2 6.2.7 6.4.0 6.4.2 6.4.3 6.4.4 6.4.5 6.4.8 7.0.0 7.0.2 7.0.5 7.2.0 acronis ems Eset eset endpoint antivirus eset endpoint security ESET Protect ESET Protect Cloud F-Secure f-secure client security f-secure policy manager FMG FortiAnalyzer FortiAP fortiap-s fortiap-w2 FortiAuthenticator FortiClient FortiClientEMS FortiGate FortiMail FortiManager FortiNAC Fortinet FortiOS FortiSwitch FortiWeb vCenter vCenter Server VMware vmware vcenter VMware vCenter Server

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Audyt bezpieczeństwa informacji
    • Audyt- program Cyfrowa Gmina
    • Audyt konfiguracji Fortigate
    • Program Cyfrowy Powiat
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • RODO
  • Kontakt

BLOG TECHNICZNY

FortiSwitch 7.0.627 stycznia 2023
NAKIVO Backup & Replication v10.825 stycznia 2023
ESET PROTECT Cloud 4.116 stycznia 2023

KONTAKT

+48 500-413-313
biuro@b-and-b.plhttps://www.b-and-b.pl
8:00-16:00
BEZPIECZEŃSTWO W BIZNESIE 2022 - wszystkie prawa zastrzeżone

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Audyt bezpieczeństwa informacji
    • Audyt- program Cyfrowa Gmina
    • Audyt konfiguracji Fortigate
    • Program Cyfrowy Powiat
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • RODO
  • Kontakt

BLOG TECHNICZNY

FortiSwitch 7.0.627 stycznia 2023
NAKIVO Backup & Replication v10.825 stycznia 2023
ESET PROTECT Cloud 4.116 stycznia 2023

Kontakt

+48 500-413-313
biuro@b-and-b.pl
8:00-16:00