Hi, I just upgraded a HA pair of 100D's from 5.2.13 to 5.6.5 and for some reason Im now sporadically getting "ERR_CONNECTION_RESET" browsers errors (chrome) on the initial inbound connections to various web servers (VIP) when I have IPS enabled (tried updating to the built in profiles post upgrade with same issue).
Once the site finally loads everything seems to work fine, it just appears to be the initial connection hangs up about 50% of the time. Any ideas? Im not sure if this an issue with the engine, or perhaps and issue with the IPS being offloaded to the slave unit?
Hello there,
you should have used the official upgrade path = 5.2.13 -> 5.4.9 -> 5.6.5.
If possible go back to 5.2.13 and then follow the upgrade path.
sudo apt-get-rekt
Yes this is the path I followed, you can't directly go to 5.6.5 from 5.2
hmm what is the ips engine ver. number?
are you browsing through an ipsec tunnel?
sudo apt-get-rekt
looks like:
IPS Attack Engine Version: 3.00532
AV Engine Version: 5.00361
I've confirmed it's the same on both units.
The issues occurs on INBOUND http/https connections from the WAN zone (via VIP), not outbound.
witch utm features are enabled?
sudo apt-get-rekt
So I think I may have figured out the issue. It appears that my original customized v5.2 IPS policy which was upgraded may have been causing issues. I created a new policy from scratch and applied it and now it seems to be much more robust and stable. I will continue to monitor. I do have an open ticket with TAC who has identified this same issue with prior builds, just not in 1600 (5.4.5). So I will continue to monitor.
nice to hear and thanks for the hint, i have to upgrade one of our older devices soon :)
sudo apt-get-rekt
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.