Producent oprogramowania Fortinet wydał najnowszą aktualizację o nazwie FortiSwitchOS 7.4.3 dla swoich urządzeń sieciowych. Aktualizacja ta skupia się na naprawie istotnych błędów, które negatywnie wpływały na działanie i wydajność systemu. Wśród zmian znajduje się usprawnienie pliku oids.html, kluczowego dla efektywnego zarządzania siecią za pomocą SNMP. Rozwiązano problemy z dostępem do interfejsu graficznego po aktualizacji systemu i wdrożeniu nowszej wersji protokołu bezpieczeństwa TLS 1.3. Zaktualizowano także funkcję DHCP snooping, co poprawia działanie modeli FS-6xxF w sieciach z dynamicznie zarządzanymi VLAN-ami i autoryzacją 802.1x. Więcej informacji można znaleźć w artykule poniżej.
Wspierane urządzenia:
| FortiSwitch 1xx | FS-108E, FS-108E-POE, FS-108E-FPOE, FS-108F, FS-108F-POE, FS-108F-FPOE, FS-124E, FS-124E-POE, FS-124E-FPOE, FS-124F, FS-124F-POE, FS-124F-FPOE, FS-148E, FS-148E-POE, FS-148F, FS-148F-POE, FS-148F-FPOE |
| FortiSwitch 2xx | FS-224D-FPOE, FS-224E, FS-224E-POE, FS-248D, FS-248E-POE, FS-248E-FPOE |
| FortiSwitch 4xx | FS-424E, FS-424E-POE, FS-424E-FPOE, FS-424E-Fiber, FS-M426E-FPOE, FS-448E, FS-448E-POE, FS-448E-FPOE |
| FortiSwitch 5xx | FS-524D, FS-524D-FPOE, FS-548D, FS-548D-FPOE |
| FortiSwitch 6xx | FS-624F, FS-624F-FPOE, FS-648F, FS-648F-FPOE |
| FortiSwitch 1xxx | FS-1024D, FS-1024E, FS-1048E, FS-T1024E |
| FortiSwitch 2xxx | FS-2048F |
| FortiSwitch 3xxx | FS-3032E |
| FortiSwitch Rugged | FSR-112D-POE, FSR-124D, FSR-424F-POE |
Rozwiązane problemy:
| Bug ID | Description |
|---|---|
| 828603 | The oids.html file is not accurate. |
| 882480 | When the set switch-controller-access-vlan command is enabled on the FortiGate device, any host in the access VLAN cannot ping its default gate in the FortiGate device. |
| 927570 | After upgrading to FortiSwitchOS 7.4.0, accessing the GUI results in a “cannot perform post-handshake authentication” error when using TSL 1.3. |
| 944076 | Enabling DHCP snooping for an 802.1x dynamic VLAN does not work for FS-6xxF models. |
| 950123 | FortiLink does not work with strong-crypto enabled. |
| 959416 | The FortiSwitch temperature has different values in the log and the output of the diagnose sys pcb temp command. |
| 963009 | When DHCP discovery and the set dhcp-snoop-client-req drop-untrusted command are used, the broadcast traffic received on a trusted ISL trunk port is wrongly broadcasted to an untrusted port. |
| 973297 | The user cannot use the GUI to restore a configuration file that was backed up onto an FTP server. |
| 977232 | After the link status changes in either of MCLAG-ICL trunk interface, a multicast/broadcast storm sometimes happens. |
| 978579 | After the client is disconnected from the port, there are continuous log messages for “authorization status=success.” |
| 984228 | After upgrading to FortiSwitchOS 7.4.2, 7.4.1, 7.2.6, 7.2.5, or 7.0.7 , the management interface cannot be reached by ping or HTTPS. |
| 989055 | The physical port of the FortiLink trunk flaps. This issue affects the FS-1024D, FS-1024E, FS-T1024E, FS-1048E, FS-2048E, and FS-3032E models. |
| 990277 | The daemon for 802.1X port-based authentication might crash when there is a high CPU load. |
| 992742 | Using the GUI to create an SNMP user fails. |
| 996521 | When LLDP device detection is enabled on the FortiGate device, the FortiGate configuration takes a long time to be pushed to the FortiSwitch units. |
| 998582 | FortiSwitch units managed by FortiGate devices display the E flag all the time. |
| 999421 | LLDP allocates Power over Ethernet (PoE) with an extra margin. |
| 1005853 | When LACP fallback is enabled on an MCLAG trunk, if one port goes down, the other port also goes down. |
| 1007601 | After upgrading the FS-1024D from FortiSwitchOS 7.2.4 to 7.2.3, editing a physical port in the GUI results in a “500 internal server error.” |
| 1008119 | When using RFC 3433: Entity Sensor Management Information Base, the FortiSwitch units are sending incorrect SNMP values. |
| 1009840 | After the FSW-448E-FPOE model is shut down using the GUI, the switch continues to provide power. |
| 1010330 | DHCP snooping needs to support 25 VLANs on FS-1xx models. |
| 1011022 | The FS-648F-FPOE model continuously displays “[/bin/statsd] libsw cpssd not responding Connection refused” messages on the switch console. |
Notatki producenta: FortiSwitchOS 7.4.3
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie