Alby23
Contributor II

FortiOS 5.2.9 is out

http://docs.fortinet.com/uploaded/files/3285/fortios-v5.2.9-release-notes.pdf

 

The list of the resolved issues is important IMHO, just some tips:

297421 HTTPs traffic is blocked after AV/IPS database update from FortiGuard.

306929 Fortigate memory logging is automatically enabled after reboot.

382828 When trying to access internal server through SSL VPN in web mode, the login page is not

371264 Modify user ran into lock when trying to change user's password during sslvpn connection.

376599 Keep IPSec traffic on the hardware during rekeying causes kernel panic.

1 Solution
ddskier

I ended up opening another ticket with Fortinet because IPS engine 3.0289 still has an issue.

 

They ended up providing me 3.0173.   I would open a ticket and ask for this ips engine.

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

View solution in original post

43 REPLIES 43
MikePruett
Valued Contributor

Itguy wrote:

I take back my statement this version is running fine.

 

IT'S A DISASTER!  Both units we were testing in production have had serious issues. I will be rolling them back to 5.2.8 tonight, hopefully that goes as planned. But 5.2.9 is a BUGGY MESS. Stick with 5.2.8 if you are on it, and wait this one out.

 

VPN's not working, IPS crashes, blah blah blah.

That's a bummer. Hopefully they fix the issue

newnhap
New Contributor

We've also had the problem on all our 60D's and 90D's. I've opened a ticket with Fortinet to get the updated IPS Engine but still waiting. As a quick fix/workaround we stopped the IPS Engine by issuing the following command:

 

diag test application ipsmonitor 98

 

Not an ideal solution to stop the IPS Engine but user's couldn't work.

 

Apparently the issue is fixed in 5.2.10 but no release date yet.

 

lubyou
New Contributor

For us 5.2.9 broke SSH, HTTPS, and SSL VPN on a Fortigate 60d on the wan1 interface.

The same services where still available on wan2, SSL VPN did not work, though.

Reverting to 5.2.8 fixed all mentioned issues.

Pretty bad experience.

SMabille

Can confirm related issues on 200D. Broken SSL interception generating random "bad cypher" errors in Chrome. reverted to 5.2.8