.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
and still packet capture is hidden from the gui on the small boxes.
Not a big deal as it's still available by typing the url manually, but it's irritating.
techevo wrote:
Also on my 100D, Fortiview does not show anything in 5 min, 1 hours and 24 hours, only in now ( and yes I have log to disk enable ). It was working just fine in 5.2.1 - Any body else in the same boat or it's just me?
We had a similar issue in that FortiView did not show returns for 5 min, 1 Hour & 24 Hours. A Fortinet engineer recommended that we 'Enable Local reports' on Log Settings. We are now getting returns on all time frames.
Hope this helps.
ISOffice wrote:No worries, glad to hear it helped.
To be honest, I cannot see why this made the difference. Credit should really go to AJ in FortiNet Support.
JP
My guess is that FortiView uses the SQLlite database which is activated by "Local Report" feature.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
networkingkool wrote:Hi,Hi community,
I tried the image 5.2.2 for 80C unit few days ago. But something went wrong. The whole LANs behind the fortigate cannot go to Internet. Only fortigate unit itself can go to Internet.
I recheck my configuration many times but cannot find any error with the configuration. I have to revert back to the image 5.2.1 then LANs can go Internet without any changes in configuration.
I think the fortigate get problem with NAT function.
Does anyone have the same problem with me?
Please advice.
Goto: Policy & Objects -> Objects -> Services -> Open ALL and change Protocol number from 6 to 0
Fortigate <3
techevo wrote:Also on my 100D, Fortiview does not show anything in 5 min, 1 hours and 24 hours, only in now ( and yes I have log to disk enable ). It was working just fine in 5.2.1 - Any body else in the same boat or it's just me?
It's working fine on my 100D and 300D. I can see all the time tabs are populated. Yes, I've run 5.2.2 for more than a day.
techevo wrote:
Also on my 100D, Fortiview does not show anything in 5 min, 1 hours and 24 hours, only in now ( and yes I have log to disk enable ). It was working just fine in 5.2.1 - Any body else in the same boat or it's just me?
We had a similar issue in that FortiView did not show returns for 5 min, 1 Hour & 24 Hours. A Fortinet engineer recommended that we 'Enable Local reports' on Log Settings. We are now getting returns on all time frames.
Hope this helps.
Thanks ! I would never have guessed that !
It does work! I now have all historical data in fortiview.
Upgraded a 200D to 5.2.2 seems fine.
Main attraction is fortiview has improved, and gui is bit faster than the previous ones.
However,I have found a few issues.
1. Still the IPSec VPN monitor Module provides wrong Data ( in one day 250 GB which is not possible)
2. I have upgraded FAP221B also, The clients IP's are not showing in the "Client Monitor" module. I think its an issue with Controller.
is it just a joke ???
Pay for FAZ and lost logs ???????
FGT 5.2.2 release notes
Table 28:
[LEFT][size="2"]Known log & report issues[/size][/LEFT]Bug ID Description
0260101 The log loss rate to FortiAnalyzer is higher than on previous builds.
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
I'm having severe issues with any 5.2.x on my 80C.
Depending on whether I flash it or just run it without saving the image to flash it either hangs at "System is starting..." or crashes with "ehci_hcd 5035: fatal error".
I can also confirm that FortiOS 5.2.2 image for FortiGate 80C is broken.
Do not install it on a productive device, especially not on remotely located units, wihout further testing!
When trying to boot the image, my device gets caught in an infinite boot loop.
Press any key to display configuration menu...
......
Reading boot image 1431271 bytes.
ehci_hcd 5035: fatal error
I had to revert back to 5.2.1 by using the backup image via bootloader, which required direct serial connection.
I tried the upgrade process twice, ending up in the same fatal error boot loop each time.
dfroe wrote:I can also confirm that FortiOS 5.2.2 image for FortiGate 80C is broken.
Do not install it on a productive device, especially not on remotely located units, wihout further testing!
When trying to boot the image, my device gets caught in an infinite boot loop.
Press any key to display configuration menu...
......
Reading boot image 1431271 bytes.
ehci_hcd 5035: fatal error
I had to revert back to 5.2.1 by using the backup image via bootloader, which required direct serial connection.
I tried the upgrade process twice, ending up in the same fatal error boot loop each time.
I had the same problem with some 80C in 5.2.1. Some would work and some not. I believe it depends on the specific hardware revision. The funny thing is it was reported to Fortinet and they told me they were aware if the issue ( bug id: 245139 ) and it would be fix in 5.2.2! I wonder if the ones that did not work in 5.2.1 are now working and the one that used to work are now broken?
techevo wrote:
I had the same problem with some 80C in 5.2.1. Some would work and some not. I believe it depends on the specific hardware revision. The funny thing is it was reported to Fortinet and they told me they were aware if the issue ( bug id: 245139 ) and it would be fix in 5.2.2! I wonder if the ones that did not work in 5.2.1 are now working and the one that used to work are now broken?
Surprisingly I myself had no problems at all upgrading my 80C to 5.2.0 or 5.2.1.
The update from 5.2.1 to 5.2.2 is the first time I encounter this issue.
So it seems not be a general problem with the image file.
Instead the problem occurs "under certain conditions".
According to this former thread this particular error also occured with 5.0:
https://forum.fortinet.com/tm.aspx?m=95861
This sounds like upgrading via TFTP instead of Web-GUI might work but I haven't tested it yet.
dfroe wrote:
I can also confirm that FortiOS 5.2.2 image for FortiGate 80C is broken.[...]
Press any key to display configuration menu...
......
Reading boot image 1431271 bytes.
ehci_hcd 5035: fatal error
To give you a recent feedback, I just installed the new 5.2.2 image (MD5sum 469d775b772d3a3fb2feacfcdc264bc6) during a maintenance window on the same FG 80C which I bricked the last time.
Good news: With the new 5.2.2 image I was actually able to successfully upgrade my FG 80C! Just uploaded it through webgui, i.e. no need to do a manual tftp flash procedure.
So everybody else having similiar problems with a 80C: Give the new 5.2.2 image a try. It looks like Fortinet actually fixed it.
I hoped that such boot loops would be identified by QA before releasing a public firmware. Especially because we already had a similiar problem with 5.2.0 and FG 30D.
However, I am now happy with the 5.2.2 - and awaiting the upcoming 5.2.3 with just a couple of more bug fixes.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1697 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.