I am EXTREMELY disappointed in this release. A week ago I upgraded 4 of our firewalls and the next morning found that two of remote users could no longer VPN in. Fortinet tech support came up with a fix and explained they have some new way of doing VPNs but it can only be done from the CLI.
Next thing I discovered is that on two different Fortigates that were protecting email servers you couldn' t send an email attachement bigger than about 2 to 3 megs even with the protection profile turned off.
The most distressing problem occured about 5 days after the upgrade. One of our firewalls stopped passing HTTP traffic to our web site but HTTPS was just fine. NO changes were made to the firewall config since the upgrade.
I figured that I' d try the Microsoft solution to fix it.. you know... just reboot the darn thing. Did that and it never came back on line. I remotely came in the back door to our web server and found I could still PING the Fortigate so I tried to login. After serveral muffed attempts I found out that I couldn' t log in was because the ADMIN password was now empty!
In fact my entire config was gone EXCEPT for the IP addresses configured on my interfaces. Luckily I had a back of my config and I downgraded to build 318, reloaded my config and was back on line.
Also found that ANY kind of A/V scanning through the Fortigate was incredibly slow and my CPU would go over 90-95% just sending one email through the firewall. That behavior was seen on two completely seperate systems.
I now have almost everything back to build 318 and life is back to normal.
Kevin Ericson, Pres., FCNSP
Certified Fortinet Engineer
Deadbolt Security Networks
9791 W Stanford Ave #5D
Denver, CO 80123