Visitor III

Solved

FortiOS 5.2.3 is out

Forum|Forum|11 years ago
March 18, 2015
33 replies
99839 views

.

5.2

Best answer by VicAndr

...discovered another bug with v.5.2.3. Administrators who are restricted to provision guest accounts only, can't actually print those accounts (to hand over login IDs and passwords to relevant users). In attempt to do so a FortiGate responds with "Error 500: Internal Server Error".

...didn't have this problem before the upgrade [&:].

Show previous replies

seadave

New Member

Upgraded 100D running 5.2.2 to 5.2.3. For the most part, running without issue, but I'm getting the following error (see attached JPEG) when I look at address lists:

Invalid octet in UTF-8 sequence when decoding 'string'

Overlong 2 byte UTF-8 sequence detected when decoding 'string'

At the bottom it says:

One or more addresses in this group are associated with an interface (wan1). Only addresses that are not associated with an interface, or are associated with wan1 can be added.

I kind of understand this, but wonder why it didn't show up in 5.2.2? I tend to use ANY for the interface when I'm creating an IP or FQDN address that I will be using for blocking. I'm guessing I should be methodically using WAN1 instead? I wish there was a way to select in the GUI and say change all to WAN1. I downloaded the config, but when you use ANY, the line:

set associated-interface "X"

is not present for the address definition so I cannot do a simple find/replace. Ugh.

Fortinet Error.jpg

dfroe

New Member

dfollis wrote:
Invalid octet in UTF-8 sequence when decoding 'string'
Overlong 2 byte UTF-8 sequence detected when decoding 'string'

There's a very simple solution for this: Clear your browser cache.

Paul_S

New Member

dfroe wrote:
dfollis wrote:
Invalid octet in UTF-8 sequence when decoding 'string'
Overlong 2 byte UTF-8 sequence detected when decoding 'string'
There's a very simple solution for this: Clear your browser cache.

Clearing my browser cache did not fix this decoding string error. I cleared everything and switched browsers. Still getting error. Opening another ticket. sigh.

Paul_S

New Member

immediately after my last post, I went to reproduce the string decoding error, but it would not happen any more. Not sure why it happened after clearing browser cache, but not now. either it only happens sometimes or it happens once after clearing the cache.

Paul_S

New Member

now the error is happening again.

Simpalm

New Member

Yayy..... We were waiting for this update for so long and its out now, Happy!

Thanks for sharing this topic, I like it.

kinmun

New Member

my FG300D is on 5.2.2.

what benefit do I get from upgrading to 5.2.3 ?

Paul_S

New Member

kinmun wrote:
my FG300D is on 5.2.2.
what benefit do I get from upgrading to 5.2.3 ?

emnoc is right about reading the release notes. Also, consider opening a support ticket and asking for all the known bugs that are affecting 5.2.3. I have recently installed 5.2.3 and I am affecting by two bugs in that release.

if the bugs are in areas you do not consider critical, then you should probably installed 5.2.3, if the bugs are in critical areas, then wait for 5.2.4.

5.2.3 does patch some vulnerabilities discovered recently: http://www.fortiguard.com/advisory/CVE-2014-8730--Poodle-for-TLS--vulnerability/

Reducing risk (improving security) is often an organizations biggest motivation when deciding when to upgrade a system.

hklbAuthor

Visitor III

Paul S wrote:
emnoc is right about reading the release notes. Also, consider opening a support ticket and asking for all the known bugs that are affecting 5.2.3.

They don't update the release notes with the new know bug ?

emnoc

New Member

Read the release notes for 5.2.3, everything that's fix or new or open items should be listed in the release notes.

[link]http://docs.[/link]fortinet.com/d/fortios-5.2.3-release-notes

storaid

New Member

hello, anyone know the released date about next release????

Paul_S

New Member

storaid wrote:
hello, anyone know the released date about next release????

6/12/15 - a comment from Fortinet on one of my support tickets indicated late july for the release of 5.2.4.

james512

New Member

I've been upgrading the FW with no issues for around 3 years on our FGT 110C unit, until going from 5.2.2 to 5.2.3.

Now I can no longer see the interface page on the GUI and I'm also experiencing the 'invalid octet in UTF-8 sequence when decoding 'string'' when viewing groups.

It would seem the firmware screws up our config, for now I've had to downgrade back to 5.2.2. Fortinet support have asked me to reset the unit and try again but no luck.

I've attached some screen grabs of the problems.

new address group.JPG

james512

New Member

And the interface page which no longer loads.

interface.JPG

rwpatterson

New Member

Also you cannot load the DNS screen.

When upgrading to 5.2.3, the admin accounts have changed from 'super_admin' to 'prof_admin'. We had the same issue here. We simply went into a backup, changed the admin types and restored the config. I did this remotely, hoping I wouldn't have to drive in. It worked flawlessly.

By the way, we got the answer from support. My guru is better than your guru!

james512

New Member

Ah thanks very much! I will give that a go right away.

I need to get a better guru :).

rpetty

New Member

I have been testing the new 5.2.3 firmware and upgrading a fwf60D from 5.0.10 to 5.2.3. After upgrading I can no longer ping the lan interface and I don't show the interface in the arp table on a computer directly connected to the interface. Has anyone else had issues with the software switch after upgrading?

Show more replies

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded