Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
micahawitt
New Contributor III

50E/51E

Anyone have one of these yet?  Looking to upgrade from a 40C.

 

A little skeptical with this new line, I don't want another 60C type product on my hands here...

 

Just looking to see reviews, stable, good, bad, ugly....

3 Solutions
seferkayar

cryptochrome wrote:

I've been using a 51E for the last couple of weeks and while I am generally happy, I had a few occasions where the box entered conserve mode. Even though we only have very few users here (less than 5), but we always have between 1000 and 1500 sessions. I am not sure whether this could be a bug in FortiOS 5.4.0 (memory leak?) or whether 2 GB of RAM are just not enough.

 

 

Hi

FortiOS 5.4.1 has been released. I see that it is released on 8th June. There is a resolved bug about entering conserve mode as below. It may be your occasion.

 

Service : FSSO

Bug ID :302908

Smbcd continuously requests for memory; this causes the system to enter conserve mode.

View solution in original post

bartman10

Oook.. Why would you down vote facts! Fact is they shipped a product with a major feature not even working! Screwed me around for months with bullS@##$ gathering logs and playing with level 1-2 support. If you had spent the months fighting with support about this while they make you feel like you are the only one in the world having this problem only to find out they know about it.. you'd maybe have a slightly different opinion of the situation. So yes.. all the while I've got a project in remote office that is behind schedule because I have a defective firewall. Sent back that untested junk and got a 60D.

BTW.. my ticket is still open with support.. let me ping the guy and ask if it's resolved yet. Last time I asked, 5-20, it was still not.

 

So down vote me all you want! I've come on here as a service to other users to prevent them from having to go through what I went through with FN support. I can't even imagine why anyone would down vote that.. but what ever. 

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.

Over 100 WiFi AP's and growing.

FAZ-200D

FAC-VM 2 node cluster

Friends don't let friends FWF!

View solution in original post

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track. Over 100 WiFi AP's and growing. FAZ-200D FAC-VM 2 node cluster Friends don't let friends FWF!
micahawitt
New Contributor III

I have to agree with bartman10 here.  I find I have slowly been migrating over to Cisco Meraki for what my needs are for my clients.  We could sit here all day and do pros/cons, I feel that Fortinet is releasing things that seem to be more and more flaky. 

 

It is confusing to me that as a company like Fortinet, I dont need the flashy gui, something normal, yet how is it that with the lines of code, how can you deliver a product that you support all these features, yet seemingly cant have them all on on some products as the hardware will flake out.  Engineer your products to handle it, or have some of the lower models not support it if all it will do is go into conserve mode.

 

I don't need the flashy gui, I need a working product.

 

Since I have change one of my clients to full Meraki Solution, VPN times between sites have gone from a 150+ms ping time down to an average of +15-40ms which has made VOIP Cisco phones respond much better.

 

 

View solution in original post

45 REPLIES 45
micahawitt

Not necessarily, depends on how many  users and what you are trying to do.

 

Also, while FGT may have those numbers, depending on what features and how many users, you probably wont get that.

 

For my users, Most have a MX64/65 and the head office has a MX84 and it is as solid as can be.

cryptochrome

micahawitt wrote:

Also, while FGT may have those numbers, depending on what features and how many users, you probably wont get that.

 

Yes, but that statement is true for all firewalls.

 

Looking at the highest end Meraki model, they have 10 gbit interfaces but only specify a throughput of 1 gbit. How does that even fit together? 

micahawitt

For the higher end stuff, I can not give you an answer, I simply do not know.  I am talking for lets say the 90 and under series for the fortigates.  The spec/preice point these for branch or smaller offices, and if were talking a 40 user office, for me personally, i am seeing better results with a Meraki over a Fortigate at this point.  For the features available in a smaller foot print, Meraki is able to deliver the features while not having there firewalls go into conserve mode, or disabling half of the features it says it can do. 

 

If Fortigate could beef up there specs on the smaller firewalls to handle the UTM features it would be great and I would probably not be switching.

 

AS far as throughout however, even though a Fortigate 50/51 can handle lets say a 1Gbs throughput, the internet that is connected is very rarely going to hit that, more often you will have a 20-30x2-5 range on those.  The bread and butter of them is going to come from the VPN and concurrent firewall usage for them.

 

 

cryptochrome

True, but throughput is not just relevant for Internet (although I admit for these small firewalls in most cases it probably is). 

 

Anyways, as I said, the Merakis look pretty interesting. I like their "cloud managed" approach. Probably good if you are dealing with a lot of SOHO customers. I will keep them on my radar.

 

Do you have any experience with their other devices, like switches and WLAN access points?

 

micahawitt

Yepper, it really boils down to what is easy to manage and what is does for the end user, in my case, the Meraki (the cloud based management is huge!) is very helpful.

 

As far as there suite, yes, I work with there switches and the wifi units.  the more you put together the better it has been.  So far I have used the 8port POE and the MR18.  it is a very stellar combo and I am currently researching and will be demoing there phones that they have released.  Currently have one client that I am looking to migrate off there UCS.  65% of there network is Meraki currently, will be upgrading there Core and SAN switch in the next 3 months.

 

It really is a nice product, even for remote users, you can prestage a lot, the firewalls you can login and set the IP, everything else is the dashboard which is great.  By far the biggest advantage for me personally has been the VPN.  Fortigate is nice, but litteraly 3 clicks to get a VPN going between Merakis, and if there is multiple, very easy to switch between mesh or hub/spoke if needed.

cryptochrome

Interesting. Thanks!

bartman10

Most recient reply from my support ticket is 5.4.1 has been running for 6 weeks and seems to be ok... Wow.. quality job there FN.. put a freeking bow on that one.

It was said he has heard of some customers still having the wifi crashing issue.

 

My reply:

Thanks for the info.. it's still worrying an "enterprise" company is relying on 6 days worth of "well it hasn't burned up yet" data for a product that has been out in the wild for 3-4 months. Why is there no alert posted on the support page about that. Fortinet never seems to be forthcoming with critical info customers need. It builds trust. The way FN has handled this destroys trust.

I've been worried about my choice for UTM providers at my company lately. I've actually received quite a few private messages and emails from the forums from other customers and resellers expressing the same worry. How would you feel if you where me? Look at some of my other tickets.. Secret suggested firmware levels for 223B's that crash your FG and wifi if you go above,94D bootloop out of the box if you upgrade it's firmware, this.. and others.

FG should come clean about this screw up, apologize, and work to correct the environment that lead to it. That builds trust. The mushroom treatment does not.

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.

Over 100 WiFi AP's and growing.

FAZ-200D

FAC-VM 2 node cluster

Friends don't let friends FWF!

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track. Over 100 WiFi AP's and growing. FAZ-200D FAC-VM 2 node cluster Friends don't let friends FWF!
nikhil4430

Hi Friends,

Dose FortiGate 50E -BDL support for NAT within Private to public addressing?  Just wanted to confirm.

and also let me know the performance of 50E BDL. 

 

Thanks

 

Gianluca_Caldi
New Contributor

Hi,

I'm going to deploy a couple of 50E for "live" test on sites previously powered by 60C in the next days. We tested before the 60D on the same sites but performance in this case didn't get really improved (we're talking about 40/50 users with UTM feature active). I'll let you know how the 50E behave..

Bye

Gianluca

FGT: 50E,100D, 200D, 600D
FMG: VM64

FAZ: VM64

FGT: 50E,100D, 200D, 600DFMG: VM64 FAZ: VM64
bartman10

Be aware I'm working on an issue with FWF-50E hard locking. I've recieved 2 RMA units and can reliablay reproduce the hard lock on all 3 units. 

All I do is take it home, swap out my home router and play some online video games while my kids watch youtube. In about an hour the unit hard locks. 

Support can't find anything... I've spent enough time doing QA on their units and am just returning them and maybe looking to deploy 60D's or 30E's or something... 

 

FYI

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.

Over 100 WiFi AP's and growing.

FAZ-200D

FAC-VM 2 node cluster

Friends don't let friends FWF!

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track. Over 100 WiFi AP's and growing. FAZ-200D FAC-VM 2 node cluster Friends don't let friends FWF!
Labels
Top Kudoed Authors