Alby23
Contributor II

FortiOS 5.2.9 is out

http://docs.fortinet.com/uploaded/files/3285/fortios-v5.2.9-release-notes.pdf

 

The list of the resolved issues is important IMHO, just some tips:

297421 HTTPs traffic is blocked after AV/IPS database update from FortiGuard.

306929 Fortigate memory logging is automatically enabled after reboot.

382828 When trying to access internal server through SSL VPN in web mode, the login page is not

371264 Modify user ran into lock when trying to change user's password during sslvpn connection.

376599 Keep IPSec traffic on the hardware during rekeying causes kernel panic.

1 Solution
ddskier

I ended up opening another ticket with Fortinet because IPS engine 3.0289 still has an issue.

 

They ended up providing me 3.0173.   I would open a ticket and ask for this ips engine.

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

View solution in original post

43 REPLIES 43
ddskier

I just requested the lastest version of the IPS engine.   You may want to ask for the same to see if it corrects the problem for you.

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

bommi
Contributor III

ddskier wrote:

I just requested the lastest version of the IPS engine.   You may want to ask for the same to see if it corrects the problem for you.

Please tell me which version you recieved, once you got it.

The latest version I have is 3.0288.

NSE 4/5/7

ddskier

I got 3.0289 via the support team

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

MrSinners

The ones that mentioned the IPS crashing problem, has it been resolved with an IPS engine update?

hklb

How many times per days the IPS crash ?

 

We have IPS on our FGT without any issue with 5.2.9.. all works fine (multiple VDOM, VPN, ospf, pbr, ..)

simonorch

Seems that it's an issue confined to SOC based models, is that right?

 

Anyone been seeing this on anything larger than a 100D?

NSE8 Fortinet Expert partner - Norway

ddskier

I have it rolled out to 100D, 2x 200D units without any issues.  Granted I did apply the new IPS engine right away to ensure there weren't any issues.

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

vladimircze
New Contributor III

Hello,

 

Bad experience with 5.2.9 on 100D. Rapidly SSL VPN disconnection (for some users no more 5-10 minutes without disconnection, for some users disconnections once per hour).

Was upgraded from 5.2.7.

Downgrade to 5.2.8. Everything okay. SSL VPN tunnels run more than 12 hours without disconnections.

 

 

Vladimir.

ddskier

vladimircze wrote:

Hello,

 

Bad experience with 5.2.9 on 100D. Rapidly SSL VPN disconnection (for some users no more 5-10 minutes without disconnection, for some users disconnections once per hour).

Was upgraded from 5.2.7.

Downgrade to 5.2.8. Everything okay. SSL VPN tunnels run more than 12 hours without disconnections.

  

Vladimir.

Have you tried ensuring the latest SSLVPN client is installed?   The default from the VPN website may be old.   (Download from Fortinet  4.0.2328

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

vladimircze
New Contributor III

Yes, latest client which recommended for 5.2.9, for 5.4.1, and latest FortiClient - all of them had disconnecitons.

After downgrade - everything becomes to normal and stable.