New Member

Solved

When is 5.4.1 going to drop?

Forum|Forum|10 years ago
March 28, 2016
4 replies
137034 views

Is there an ETA as to when 5.4.1 is going to drop? I have a brand new 300D that I am waiting to put into production as soon as 5.4.1 is ready.

Best answer by FGTuser

by end of next week (April 15)

FGTuserAnswer

New Member

by end of next week (April 15)

Gianluca_Caldi

New Member

Fortinet support just said "...FortiOS 5.4.1, which is scheduled to be released the first half of next month..."

ShrewLWD

New Member

Are there must-have features in 5.4.x, that you are willing to go into production this soon into 5.4.x? Most veterans on this site would tell you to wait until patch 3 or 4. 5.2.6/7 is far more stable than 5.4. at this point.

SecurityPlus

Explorer III

I seem to remember someone saying that firmware updates that end in an odd number are mostly bug fixes and that those ending in an even number include enhancements? Is that correct? For example 5.4.1- bug fixes, 5.4.2-enhancements.

AndreaSoliva

New Member

Hi

my view is following! If you compare to other releases like 5.0 and/or 5.2 it was always in this way that until Patch 3 - 5 there was coming new features this means listed as new feature in the "Whats-New" document. This means not that no bugfixes are done in Patch 3 - 5 this means mostly for me only following: As long as a Release hast some new features listed it is for me not acceptable for production use because new features will bring "probably" also new bugs" (we are talking about Security). As soon as you see for a Release under "Whats-New" nothing anymore listed it is a pure BugFix release. This means also Fortinet did not release new features in higher Patch Level if a lower one did not have new features (was in 5.0 and/or 5.2 in this way). From this point of view as soon as Fortinet releases a Patch with no new features meanig BugFix release you can think about to use this release. Before I would not use this release for production use!

My view my opinion.

Hope this helps

have fun

Andrea

ede_pfau

SuperUser

If we only had a free choice!

Not touching v5.4 for the next 4-5 patches means to wait for 12-15 months. And during this "ripening" period we cannot sell the E series into production environments.

After more than 10 years, I'm still hoping to find a customer who buys a Fortigate just to play around with it for a year or so, until FortiOS has stabilized and one can put it into production.

AndreaSoliva

New Member

Hi

absolutly right and absolutly not understandable why E serie can not be used with 5.2.x. From this point of view is your comment right and no go for E serie specially we are talking about security. I really would appriciate that Fortinet would launche 5.2.x for the E serie but it seems to me not the case....disappointing me!

have fun

Andrea

Matze

New Member

Hi there,

I tried to Upgrade from 5.2.7 to 5.4.1 -> Didn't work. My mgmt interface wasn't reachable

Tried first to upgrade to 5.4.0, same problem. Any ideas ?

Using a 140D. Here's the part of the interface config. I'm using the mgmt Interface as internal.

edit "mgmt" set vdom "root" set ip 10.0.1.1 255.255.0.0 set allowaccess ping https ssh fgfm capwap set broadcast-forward enable set vlanforward enable set type physical set explicit-web-proxy enable set explicit-ftp-proxy enable set device-identification enable set snmp-index 6 set secondary-IP enable config secondaryip edit 2 set ip 10.0.0.1 255.255.0.0 set allowaccess ping next end next

JohnLuo_FTNT

Staff

Hi Matze,

We tried to reproduce the issue with 140D and your config, failed to reproduce. If you still can see the issue, could you please send the config file and "get sys status" to beta@fortinet.com ? Thanks.

seadave

New Member

So unfortunate that 5.4.1 doesn't appear to be more stable. I have a two 500Ds. One testing, one production. We upgraded to 5.4.0 after much testing in March. We are not using Spam filter, HA or VLANs. Traditional firewalling, but we do use almost all scanning services, DPI, DLP, IPS, IDS, AV, VIPs. Was rock solid until about two weeks ago, the firewall randomly dropped to kernel conserve mode (of course right in the middle of a big meeting!!!). Fortinet didn't have an answer and I sent them lots of logs and configs. I'm not sure but it really appears that this happened after AV engine or definition update. I've been using scheduled reboots nightly to mitigate and tested 5.4.1 on our backup device but have not put it under load yet.

Today the problem occurred again:

16:16:14 Performance statistics: average CPU: 0, memory: 33, concurrent sessions: 2568, setup-rate: 29 16:21:14 Performance statistics: average CPU: 69, memory: 81, concurrent sessions: 2227, setup-rate: 29 16:21:21 The system has activated session fail mode, Scan services session failed 16:21:32 Kernel enters conserve mode

Ticket Number: 1787724

Only a hard power reset is able to get things flowing again. Of course it then complains that it wasn't shutdown properly and wants to do a disc check. SNMP monitor shows CPU and mem spike to >70% which halts system. Sessions are staying constant at <4K at peak, 1.8K minimum.

I'd like to turn on SYSLOG or see if I can increase what is being logged to the FAZ we use but not finding easily the right info on how to do that. I can find the CLI with all of the commands but info on how to configure filters is limited.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded