Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jirka1
Contributor III

7.0.4 - break Proxy inspection

Hello,

 

yesterday I upgraded FG200E to version 7.0.4.

In the previous version 7.0.1 I used proxy inspection + SSL deep inspection (certificate signed from AD). After the update (7.0.1 -> 7.0.3 -> 7.0.4) all policies in Proxy mode stopped working. Each browser returned an "err_ssl_protocol_error" error, but eg IMAPS, SMTPS worked well.
Once I've adjusted the Policy to flow (and all UTMs), everything works.

 

There wasn't much time to find out why it behaves like this, I'll continue this weekend.

 

Has anyone tried to deploy 7.0.4?

 

Jirka

36 REPLIES 36
qasit
New Contributor

Why hasn't the update been pulled?

I really need 7.0.4 as it supposedly addresses an issue that sends my box into conserve mode repeatedly that I first highlighted 8 weeks ago in a ticket! 

Now this issue has accentuated what little trust in Fortinet I had, it has now eroded to dust.

I have referenced this discussion in my ticket, I pray you do the same.

Kangming

Hi 

Sorry for this issue that has affected the use of your device. Devs are actively handling and responding, we will have a quick patch V7.0.5 next week and BUG 0778659 has been added to the known issues in the release note of V7.0.4, In order to remind customers don’t upgrade to V7.0.4 for FGT using the UTM IPS/APP proxy function.

 

Thanks

Kangming

RaDon
New Contributor

I have same problems on FG201FD. Rolback to 7.0.3

VLOGIC
New Contributor

Same issue on HA 60F since upgrade 7.0.4. Definitively is a bug from with version. support should investigate it.

Debbie_FTNT

Hey Vlogic,

We are - Kangming (also from Fortinet) updated this thread a few days ago:

"Hi 

Sorry for this issue that has affected the use of your device. Devs are actively handling and responding, we will have a quick patch V7.0.5 next week and BUG 0778659 has been added to the known issues in the release note of V7.0.4, In order to remind customers don’t upgrade to V7.0.4 for FGT using the UTM IPS/APP proxy function."

 

This is being fixed from our side, and 7.0.5 is being moved forward to address this :).

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
HandP

Yeah, love Fortinets Bug description in the release notes:

"778659:  Proxy inspection fails due to ipsapp session open failed: all providers busy."

 

It could be a BIT more descriptive.  

viktup

When are we having this update? Will it be as usual in the download portal?

Debbie_FTNT

It should be available in the download portal, and there is no fixed date yet, but sometime this week, to my knowledge.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
SONA
New Contributor

i installed a new FG200F with 7.0.4, it worked fine for two days, then users reported problems with internet access, switched policies to internet from proxy to flow mode and everything started to work again.  

Debbie_FTNT
Staff
Staff

7.0.5 is out since some time yesterday, which should contain the fix for the proxy issue.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++