Hello,
I am currently working on relocating a FG800C to a new office. We were running 5.0.11, and since this is a new location and I have some time to test things, I decided to try out 5.4.0. For the past 2 days the firewall has crashed and completely locked up. No WAN ping, no LAN ping, no serial console, no USB console. I know there have been some issues, but has anyone else had their firewall lock up like that?
I have completely wiped and restored the device and it did not help at all. If anything it crashed even quicker than it did before the factory reset.
My plan is to downgrade back to 5.2.6, but I wanted to see if this was a common thing.
Thanks!
During the product update for FortiOS 5.4.x, the speaker discouraged us from loading FortiOS 5.4.x on FortiGate C series models. IMHO FortiOS 5.4.x is designed for the newly released FortiGate models, which are the D series.
Fortigate Newbie
I am sadly reporting that we have a similar issue with an FG800C, with 5.2.4.
The firewall is freezing without any reason and the logs are showing nothing. If anyone has a clue, that would be great, before I need to push Fortinet to investigate what is going on with the device.
I'm going to head into the office to hook up a console cable to a PC with PuTTY running to a text file. I'm going to send the text file to a Windows compression-enabled directory since I'm sure this file will get big.
Then I'm going to execute these commands and let them run overnight --
diag debug enable
diag debug reset
diag debug flow show console enable
It should be able to grab what's happening. If it's a kernel panic it stands to reason that SNMP / logging won't help.
As sad as it goes, I am sure that you can try debugging, but the fact is that it's 99% a kernel panic.
There is nothing in the logs. The firewalls are crashing one by one with a small difference in time.
It might be traffic related, but it is very strange behavior.
I will open a ticket with Forti and will share the details as I get them.
I am running 5.2.4 668 (which should be very stable).
simonx wrote:
As sad as it goes, I am sure that you can try debugging, but the fact is that it's 99% a kernel panic.
There is nothing in the logs. The firewalls are crashing one by one with a small difference in time.
It might be traffic related, but it is very strange behavior.
I will open a ticket with Forti and will share the details as I get them.
I am running 5.2.4 668 (which should be very stable).
Right, that's what I told them, so we set up console logging. They did confirm it's very likely a bug in 5.4.0. We are going to confirm it with the console logs tonight, and if so, we are applying a 5.4.1 interim fix.
Edit: 5.2.7 is out btw for the older 5.2 OS.
Unfortunately, in my case the customer was so pissed that he moved away from the machine, so atm I am stuck debugging it without production traffic.
I can upgrade to 5.2.7, but I am not sure it will do any good.
I also noticed another lovely issue where one of the ports is actually damaged, like a dead port.
It turned out to be a bug in 5.4.0 with IPSec VPN Dialup. We can't use IPSec VPN Dialup for now. We are disabling that and having people use SSL VPN for connecting to the network remotely.
The bug doesn't affect site to site IPSec tunnels.
Technically the bug is anytime you *remove* an interface. Due to the nature of how IPSec VPN Dialup works it causes the bug to surface often (user disconnects, system tries to remove interface, bug happens).
But this seems to be somewhat of an issue with the 5.4 version, not 5.2.4, which is what we are using. However, it does sound very similar.
Do you know how that diag command is used? Without 'diag deb flow trace start 9999' you won't see anything.