- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDDoS
- FortiDAST
- FortiDB
- FortiDNS
- FortiDevSec
- FortiDeceptor
- FortiDirector
- FortiEDR
- FortiGate Cloud
- FortiExtender
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecorder
- FortiRecon
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- FortiWebCloud
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- FortiGate Upgrade | from v7.4.2 to v7.4.3
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate Upgrade | from v7.4.2 to v7.4.3
Hi Fortinet Community,
One of our clients wants to upgrade their FortiGate (physical appliance), deployed on-prem as an edge firewall. The current running version is v7.4.2, and the client wishes to upgrade to v7.4.3.
Could you please confirm if v7.4.3 is a stable version and does not contain any significant bugs or issues? If it is not stable, could you suggest a stable version of FortiGate to upgrade to?
Sheeraz Ali
Sheeraz Ali
Labels:
- Labels:
-
FortiGate
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @sheerazali,
You may refer to this article to help you determine the most appropriate release of FortiOS based on the product you have.
For the known issue and fixes, you can visit the release notes of your target firmware.
As for 7.4.x, the latest release is 7.4.4.
https://docs.fortinet.com/document/fortigate/7.4.4/fortios-release-notes/236526/known-issues
https://docs.fortinet.com/document/fortigate/7.4.4/fortios-release-notes/289806/resolved-issues
It is important for the customer to do a bug scrub to clearly understand the available known issues and check if the existing configuration/setup will be impacted.
JE
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In general, all relased versions are considered stable.
Only the person who manages the firewall can identify if there is a problem, and generally that is after the upgrade. Checking the known bugs and release notes should be a compulsory step (you know the device model and what you have configured on the FG).
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @sheerazali ,
Actually, all GA releases are tested and verified by QA team and can be deployed in a production environment. We generally recommend checking release notes, specifically resolved and known issues. Customers occasionally concentrate on issues that have been resolved while ignoring known issues that could cause unanticipated issues after deployment. A test environment would be recommended to check before rolling-out in a production.
regards,
Sheikh
**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I echo all the staff responses of "read the release notes" for known and fixed issues for the version you want to upgrade to. So much of this depends on what features you're using so it's best to read all the known and fixed issues list.
But I'll give you an field report. I've been running 7.4.4 (started out with 7.4.3) in production for 6 weeks in an HA setup and not had major operational issues.
Of three issues I have encountered, one is minor, second was ha configuration related, and the third was an unexpected behavioral change from version 7.0.14 (which we ran on our previous FGs).
The minor issue was that some of our routes were being misidentified as "BGP VPNv4" in the routing table. It did not affect routing or traffic flow, but was identified as a bug when changing routes from a blackhole route to non-blackhole on a different interface. Deleting the route and recreating it seems to solve this particular issue.
We had fnbamd crashing issues when we had "ha direct enabled" set. The effects of this crash were vpn authentications failing. Enabling ha direct was a configuration decision that I made on initial deployment. Enabling "ha direct" changes traffic flow within the Fortigate in ways that I did not fully appreciate. After the troubleshooting, I just left it disabled and decided we don't really need it enabled after all.
After the crash issue was solved, we ran into the behavior change involving timeout values for authenticating to our remote authentication servers. We needed to raise ldapconntimeout in Global Settings to a large value, where we previously had it set to default. If your authentication is working correctly for your vpn users, then you'll probably be good since you're only moving from 7.4.2.
Like I said, we've only been up and running for 6 weeks in production, so may not have had enough time to shake things down fully. Read the docs! But if you're going to upgrade, you may want to just go to 7.4.4. You're client is already on the bleeding edge with 7.4, as the recommended version for most newer devices is still 7.2.7.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear Sheeraz Ali,
It is always recommended updating to the latest branch of software version if your device model is supported, as it would include the recent bug fixes from the previous branches. We would advise you to have a look at the release notes of specific version you are interested to upgrade to make sure you are aware about known issues & issues fixed for the same.
Regards,
Jef
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- How to upgrade Fortiweb firmware 0 View
- FortiGate Send SNMP traps when automation... 4 Views
- FSSO logon mimatch 53 Views
- Is FortiCloud Down? 118 Views
- How to Create Policy for LDAP... 82 Views
Labels
-
FortiGate
7,193 -
FortiClient
1,419 -
5.2
801 -
5.4
639 -
FortiManager
621 -
FortiAnalyzer
460 -
6.0
416 -
FortiAP
376 -
FortiSwitch
375 -
5.6
362 -
FortiClient EMS
291 -
FortiMail
281 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
176 -
FortiNAC
128 -
6.4
128 -
FortiGuard
116 -
IPsec
110 -
SSL-VPN
109 -
FortiGateCloud
98 -
FortiSIEM
94 -
FortiCloud Products
90 -
FortiToken
77 -
Customer Service
71 -
Wireless Controller
65 -
4.0MR3
64 -
SD-WAN
50 -
FortiProxy
49 -
FortiEDR
46 -
FortiADC
45 -
Fortivoice
44 -
FortiDNS
39 -
FortiExtender
35 -
FortiGate v5.4
35 -
FortiAuthenticator
35 -
Firewall policy
35 -
FortiSandbox
34 -
FortiSwitch v6.4
32 -
VLAN
31 -
High Availability
31 -
DNS
24 -
FortiWAN
24 -
FortiConnect
24 -
ZTNA
23 -
BGP
21 -
LDAP
21 -
FortiConverter
21 -
Certificate
21 -
SAML
20 -
FortiGate v5.2
19 -
FortiPortal
18 -
Routing
18 -
Interface
18 -
FortiSwitch v6.2
17 -
VDOM
17 -
FortiMonitor
15 -
Authentication
15 -
FortiLink
15 -
FortiGate v5.0
14 -
Fortigate Cloud
14 -
FortiDDoS
14 -
Logging
14 -
NAT
13 -
RADIUS
12 -
SSL SSH inspection
12 -
FortiCASB
12 -
Application control
11 -
Web profile
11 -
Traffic shaping
10 -
Virtual IP
10 -
SSO
10 -
FortiRecorder
10 -
SSID
9 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
WAN optimization
9 -
4.0MR2
9 -
IP address management - IPAM
8 -
FortiBridge
8 -
SNMP
8 -
FortiGate v4.0 MR3
8 -
OSPF
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
FortiAP profile
7 -
4.0
7 -
Admin
7 -
Web application firewall profile
7 -
Static route
6 -
Security profile
6 -
Proxy policy
6 -
Traffic shaping policy
6 -
Automation
6 -
IPS signature
5 -
Packet capture
5 -
DNS Filter
5 -
FortiCache
5 -
FortiManager v4.0
5 -
trunk
5 -
FortiDeceptor
4 -
FortiDirector
4 -
Web rating
4 -
Intrusion prevention
4 -
Port policy
4 -
Antivirus profile
4 -
System settings
4 -
FortiPAM
4 -
FortiCarrier
4 -
FortiTester
4 -
3.6
4 -
DLP sensor
4 -
FortiScan
4 -
Fabric connector
3 -
NAC policy
3 -
Users
3 -
Multicast routing
3 -
FortiToken Cloud
3 -
Traffic shaping profile
3 -
Fortinet Engage Partner Program
3 -
DLP Dictionary
3 -
DLP profile
3 -
FortiDB
3 -
DoS policy
3 -
Email filter profile
3 -
FortiInsight
2 -
Netflow
2 -
Protocol option
2 -
FortiAI
2 -
Application signature
2 -
FortiHypervisor
2 -
VoIP profile
2 -
Internet Service Database
2 -
Explicit proxy
2 -
4.0MR1
1 -
Multicast policy
1 -
Zone
1 -
FortiCWP
1 -
Kerberos
1 -
Subscription Renewal Policy
1 -
FortiNDR
1 -
TACACS
1 -
Replacement messages
1 -
Schedule
1 -
SDN connector
1 -
FortiManager-VM
1 -
Authentication rule and scheme
1 -
Service
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1077 | |
| 892 | |
| 529 | |
| 441 | |
| 152 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.