Skip to main content
Carl_Wallmark
Carl_Wallmark
New Member
March 29, 2016
Solved

FortiOS 5.2.7 is out

  • March 29, 2016
  • 2 replies
  • 34555 views

.

    Best answer by vladimircze

    Hi,

    12 hours ago upgraded 100D cluster from 5.2.3 to 5.2.7 (using 5.2.5 as intermediate version in upgrade path).

    Features used:

    A-A cluster,

    web filter,

    IPS,A/V, APPL Sensors, content SSL Inspection

    WiFi (WPA2-enterprise and WPA2-Personal)

    SSL VPN, IPSEC VPN

    OSPF, LACP

    5 VDOM.

     

    So far so good.

     

    Vladimir, Prague, Czech Republic.

    2 replies

    Baptiste
    Baptiste
    New Member
    March 29, 2016

    Release notes : http://docs.fortinet.com/uploaded/files/2967/fortios-v5.2.7-release-notes.pdf

     

    storaid
    storaid
    New Member
    March 29, 2016

    some known issues are annoying..=_="

    * Users may not be able to create new address objects from the Firewall Policy.

    * All sessions: filter application, threat, and threat type, may not work as expected

    * If the client is connecting to an SSID with WPA-Enterprise and User-group, it may not be able to pass the traffic policy.

    * When creating an id_based policy with SSL enabled, and the set gui-multipleutm disable is applied, an Entry not found error message may appear.

    * When navigating FortiView > Application some security action filters may not work.

    pcraponi
    pcraponi
    New Member
    March 30, 2016

    I think these "know issues" are not 5.2.7 only. I have some of these bugs in previous versions. Apparently they are all 5.2.x bugs opened.

    IAC
    IAC
    New Member
    September 1, 2016

    We upgraded our 2 FG500D (3000k users, 200Mbps Internet traffic, HA A-P, IPS, AV, Web Filtering, Application Control, SSL/SSH inspection) last week from 5.2.3 to 5.2.5. Configuration file did not change. Just after the upgrade we noticed http/https traffic problems (from and to Internet) related to SSH/SSL inspection feature.

     

    To get the http/https traffic back, we had first to activate SSH/SSL inspection in the policies affected (no SSH/SSL inspection activated before the upgrade). With other policies this workaround did not work. In the end we had to avoid any IPS, AV, Application control, SSH/SSL inspection configuration. Web Filtering was fine.

     

    One week later (yesterday) we upgraded from 5.2.5 to 5.2.7. So far, so good. No problems noticed.

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    September 1, 2016

    really, 3 million users on a 200 Mbps line?

     

    Just out of curiosity, why did you not upgrade to v5.2.8 right away? (we've got a "FortiOS 5.2.8 is out" thread as well)

    IAC
    IAC
    New Member
    September 6, 2016

    Thank you for your reply and your suggestion!

     

    Sorry for the confusion. Just 3k users!. Regarding upgrade to 5.2.8 we prefer avoid frequent updates in a short period of time (too risky). Besides, from the upgrade path we have checked that 5.2.7 is ready to go to 5.4.1, as well as 5.2.8. There seem to be no relevant bugs fixed in 5.2.8. At some point next year we assume 5.4.x will be stable enough, so we will plan to go to 5.4.x from 5.2.7.

     

    By the way, thanks for this forum. It is quite more useful than Fortinet technical tickets (we did not get any response in 4-5 days after the upgrade to 5.2.5 that seriously affected UTM features ; one week without AV, IPS, applicacion control, SSH/SSL inspection...)

    Thanks.

    Ignacio.

    Terms & ConditionsAccessibility statement