New Member

Solved

Upgrading 100D from 4.3.11 to 5 - 5.2 or 5.4?

Forum|Forum|9 years ago
March 3, 2017
2 replies
11333 views

I'm going to visit some 100Ds in a rather remote location. They are currently at 4.3.11 and would like to upgrade the FortiOS

5.2 or 5.4? I've looked and have not found anything outlining pros and cons of each. I'm sort of leaning to 5.2, but would like some input.

Thanks in advance....CB

Best answer by MikePruett

Push it to 5.4.x using the proper upgrade path and enjoy the feature additions.

The older code is either EOL or going EOL and fortinet TAC seems to stay spun up on the current stuff a little better than the older. So in the event of support you may be better off with the newer.

In regards to memory utilization I have surprisingly seen devices use LESS memory in my situations as I upgrade. I am assuming that is due to memory leak issues and more efficient handling of things.

That's just my opinion though.

Pathfinder

New Member

Hi CB

As long as I know, FortiOS 5.4.x is still full of bugs. Some major settings don't work in GUI, so you have to change them in CLI-Console. The whole IPsec VPN you have to setup on CLI, because GUI-Settings will not match.

I run very successfully 5.2.8 on my 100D. Tried to update to 5.2.10 but got back to 5.2.8 because i had unstable IPsec-Tunnels and also Problems with connecting softclients to SSL-VPN.

Hope, that helps you.

Regards, Marc

ede_pfau

SuperUser

Staying with the v4.3 branch might have the advantage of smaller memory consumption. Of course, v4.3 is EOL for long now but I still run a couple of FGTs on v4.3.19.

v5.2 will be EOL this summer.

MikePruettAnswer

New Member

Push it to 5.4.x using the proper upgrade path and enjoy the feature additions.

The older code is either EOL or going EOL and fortinet TAC seems to stay spun up on the current stuff a little better than the older. So in the event of support you may be better off with the newer.

In regards to memory utilization I have surprisingly seen devices use LESS memory in my situations as I upgrade. I am assuming that is due to memory leak issues and more efficient handling of things.

That's just my opinion though.

prouzier

New Member

If I were you, I would go 5.4. Its a world of difference between 2 and 4, and the later is much better in my opinion. So if you don't know either one, go for the latest one. And 5.6 is already in Beta, can't imagine what that will be like.

sazi

New Member

Tomorrow, we'll upgrade our 100D from 5.0.13 to 5.2.10 and after to 5.4.4.

We'd a lot of VIPs, +100 policies, 11 FortiAPs, IPsec VPN, SSL VPN, Policies Routes, AD SSO...

So, let's cross the fingers

cbialobzAuthor

New Member

Thanks for everyone's input.

Since the 100Ds were six hours away from home I played it safe and went to 5.2.8. I didn't want to upgrade, get home, and then find out things were not working the same. 5.2 will be supported until Decc 2016 with end of Engineering Support July 2017. Can always upgrade furhter in the 5.2 or to the 5.4 stream later

No issues with the upgrade

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded