Skip to main content
TheDude
TheDude
New Member
March 23, 2017
Question

Version Conflicts?

  • March 23, 2017
  • 1 reply
  • 4674 views

I have a Fortigate 100D and several 60D all running 5.2.2 that all need updating to possibly 5.4.4. Does anyone know if I will run into issues with IPSec VPN's or anything if I update them 1 at a time. I plan to do them as I travel to these locations throughout the next couple months.

    1 reply

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    March 23, 2017

    It shouldn't, as long as you follow a proper upgrade path and don't copy config from 5.2 to 5.4 or vice versa. We were in a mix between 5.2.3, .7, .9 and 5.4.2 for some time, and now 5.4.4 as well. But once you completed all upgrades, you want to check how they were converted. Some IPSec parameters and default values have changed with 5.4 so it's possible they might be running unintended ways. Also avoid 5.4.0 or 5.4.1 in your upgrade path. If you do, you likely have to flush the boot drive and upload the next version then apply the saved config. Read all release notes backwards from 5.4.4 to determine your path.

    TheDude
    TheDudeAuthor
    New Member
    March 23, 2017
    Thank you for your quick response. I would do them remotely but when I did that last time, it cleared out one of the settings and left that branch dead until I was able to get out there.
    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    March 23, 2017

    Likely the drives, config file, or something had a problem. Observe console output or syslog before executing the upgrade. Then ask TAC to evaluate the errors if you see something unexpected. As you experienced if something goes wrong only way to recover it is via local access by a local person. That's where terminal servers come in play to be a lifesaver.

    Terms & ConditionsAccessibility statement