5.6.5 Upgrade, sporadic ERR_CONNECTION_RESET with IPS enabled
Hi, I just upgraded a HA pair of 100D's from 5.2.13 to 5.6.5 and for some reason Im now sporadically getting "ERR_CONNECTION_RESET" browsers errors (chrome) on the initial inbound connections to various web servers (VIP) when I have IPS enabled (tried updating to the built in profiles post upgrade with same issue).
Once the site finally loads everything seems to work fine, it just appears to be the initial connection hangs up about 50% of the time. Any ideas? Im not sure if this an issue with the engine, or perhaps and issue with the IPS being offloaded to the slave unit?
So I think I may have figured out the issue. It appears that my original customized v5.2 IPS policy which was upgraded may have been causing issues. I created a new policy from scratch and applied it and now it seems to be much more robust and stable. I will continue to monitor. I do have an open ticket with TAC who has identified this same issue with prior builds, just not in 1600 (5.4.5). So I will continue to monitor.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.