Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
James_G
Contributor III

FortiOS 6.2.3 is out

6 Solutions
emnoc
Esteemed Contributor III

Same here, 6.2.3 is solid and works great. 

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

View solution in original post

PCNSE NSE StrongSwan
emnoc
Esteemed Contributor III

We have both on but on all medium size 200 and 300Es, so it looks good for now. Will keep monitor.

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

View solution in original post

PCNSE NSE StrongSwan
Jirka1

ede_pfau wrote:

thanks for responding - neither do I, I prefer to use a FAZ instead of an x1 model, better investment even in the short run...

 Hi Ede, Today I upgraded to 6.2.3: 2x 81E HA -  from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, without UTM) 1x 61E - from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, full UTM)

 

everything is connected to FAZ200D, 6.0.7

 

only where I had in Custom device group in Policy after the update it changed to "all" - watch it.

 

 

Jirka

View solution in original post

Jirka1

Hi Ede, yes, they do

 

Jirka

View solution in original post

James_G
Contributor III

JaapHoetmer
New Contributor III

Hi there,

 

I have found an issue with 6.2.3 where emails with attachments sent from Outlook using SMTPS (465) were blocked. After disabling the UTM checks on the outbound policy the email functions returned to normal.

 

This firewall was upgraded Sunday the 12th, and the problem appeared on Monday morning the 13th. No other changes were performed on the firewall apart from the upgrade.

 

Kind regards, Jaap

View solution in original post

Kind regards, Jaap
40 REPLIES 40
tanr
Valued Contributor II

Roman, we're the FortiLink issues only for 802.1x, or did you hit additional issues with FortiLink?

romanr
Valued Contributor

tanr wrote:

Roman, we're the FortiLink issues only for 802.1x, or did you hit additional issues with FortiLink?

As far as we know it is only related to 802.1x - But at the bug itself comes from the Fortigate not pushing the correct objects to the switches - I'd be cautios, when using any advanced FortiLink setup

 

Br,

Roman

tanr
Valued Contributor II

Thanks, Roman.  I'll see if I can do a lab setup with 6.2.3 and FortiLink to test our configs.  Planning to wait for 6.2.4 before production anyway, except for some simple setups.

ede_pfau
Esteemed Contributor III

@tanr or @romanr,

 

could you possibly test if the LACP feature is now implemented in FOS v6.2.3 for a "x1" model (FG-61E, 61F, whatever)? Was missing in v6.2.1 and is a subject in the forums atm. Thanks!


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
romanr
Valued Contributor

ede_pfau wrote:

@tanr or @romanr,

 

could you possibly test if the LACP feature is now implemented in FOS v6.2.3 for a "x1" model (FG-61E, 61F, whatever)? Was missing in v6.2.1 and is a subject in the forums atm. Thanks!

Hi Ede

 

6.2.3 is not available yet for the new SoC - 60F and 100F models' firmware is still missing

 

Br

Roman

Dragnipur

Hello,

 

just upgraded two 60E clusters. Each time we have lost the HA during the upgrade process (after the slave reboot) resulting in a split-brain scenario (old slave in 6.2.3 and old master in 6.2.1) with two masters. In one occurence we also have a 100% CPU load fo hasync process...

Everything was corrected with a reboot and a restart of the upgrade process.

 

But I don't feel very confident for my remote sites behind 4G boxes (only accessible through the IPSEC VPN). If the upgrade fails then I may lost the hand on the device...

tanr
Valued Contributor II

Hi Ede,

 

Sorry, but no x1 (61E etc.) models to test currently.

ede_pfau
Esteemed Contributor III

thanks for responding - neither do I, I prefer to use a FAZ instead of an x1 model, better investment even in the short run...


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Jirka1

ede_pfau wrote:

thanks for responding - neither do I, I prefer to use a FAZ instead of an x1 model, better investment even in the short run...

 Hi Ede, Today I upgraded to 6.2.3: 2x 81E HA -  from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, without UTM) 1x 61E - from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, full UTM)

 

everything is connected to FAZ200D, 6.0.7

 

only where I had in Custom device group in Policy after the update it changed to "all" - watch it.

 

 

Jirka

ede_pfau
Esteemed Contributor III

@Jirka

 

So you've got x1E models and FOS v6.2.3 running...do they offer the LACP feature now? Thanks in advance.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors