The list of the resolved issues is important IMHO, just some tips:
297421 HTTPs traffic is blocked after AV/IPS database update from FortiGuard.
306929 Fortigate memory logging is automatically enabled after reboot.
382828 When trying to access internal server through SSL VPN in web mode, the login page is not
371264 Modify user ran into lock when trying to change user's password during sslvpn connection.
376599 Keep IPSec traffic on the hardware during rekeying causes kernel panic.
Go to Solution.
I ended up opening another ticket with Fortinet because IPS engine 3.0289 still has an issue.
They ended up providing me 3.0173. I would open a ticket and ask for this ips engine.
FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
View solution in original post
I just requested the lastest version of the IPS engine. You may want to ask for the same to see if it corrects the problem for you.
ddskier wrote:I just requested the lastest version of the IPS engine. You may want to ask for the same to see if it corrects the problem for you.
Please tell me which version you recieved, once you got it.
The latest version I have is 3.0288.
I got 3.0289 via the support team
The ones that mentioned the IPS crashing problem, has it been resolved with an IPS engine update?
How many times per days the IPS crash ?
We have IPS on our FGT without any issue with 5.2.9.. all works fine (multiple VDOM, VPN, ospf, pbr, ..)
Seems that it's an issue confined to SOC based models, is that right?
Anyone been seeing this on anything larger than a 100D?
Fortinet Expert partner - Norway
I have it rolled out to 100D, 2x 200D units without any issues. Granted I did apply the new IPS engine right away to ensure there weren't any issues.
Bad experience with 5.2.9 on 100D. Rapidly SSL VPN disconnection (for some users no more 5-10 minutes without disconnection, for some users disconnections once per hour).
Was upgraded from 5.2.7.
Downgrade to 5.2.8. Everything okay. SSL VPN tunnels run more than 12 hours without disconnections.
vladimircze wrote:Hello, Bad experience with 5.2.9 on 100D. Rapidly SSL VPN disconnection (for some users no more 5-10 minutes without disconnection, for some users disconnections once per hour).Was upgraded from 5.2.7.Downgrade to 5.2.8. Everything okay. SSL VPN tunnels run more than 12 hours without disconnections. Vladimir.
Have you tried ensuring the latest SSLVPN client is installed? The default from the VPN website may be old. (Download from Fortinet 4.0.2328
Yes, latest client which recommended for 5.2.9, for 5.4.1, and latest FortiClient - all of them had disconnecitons.
After downgrade - everything becomes to normal and stable.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2022 Fortinet, Inc. All Rights Reserved.