.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
12 hours ago upgraded 100D cluster from 5.2.3 to 5.2.7 (using 5.2.5 as intermediate version in upgrade path).
Features used:
A-A cluster,
web filter,
IPS,A/V, APPL Sensors, content SSL Inspection
WiFi (WPA2-enterprise and WPA2-Personal)
SSL VPN, IPSEC VPN
OSPF, LACP
5 VDOM.
So far so good.
Vladimir, Prague, Czech Republic.
I don't believe this is a bug. I remember having seen a changelog or release note referring to the built-in account "FGT_ha_admin", which was originally used for exec ha manage:
"You log into the subordinate unit using the FGT_ha_admin administrator account. This built-in administrator account gives you read and write permission on the subordinate unit. Normally this built-in administrative account is not visible, however FGT_ha_admin does appear in event log messages."
I think the account was removed (for security reasons) ... [strike]I can't find the corresponding document anymore, maybe a later document revision had this piece of information removed as well.[/strike]
Edit: found it - the release notes downloaded from the support portal provide(d) this information.
FYI:
5.2.7 contains ipsengine 3.0164 that does not play well with deep packet inspection and Chrome browser: https://forum.fortinet.com/tm.aspx?m=137615
Release notes : http://docs.fortinet.com/uploaded/files/2967/fortios-v5.2.7-release-notes.pdf
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
some known issues are annoying..=_="
* Users may not be able to create new address objects from the Firewall Policy.
* All sessions: filter application, threat, and threat type, may not work as expected
* If the client is connecting to an SSID with WPA-Enterprise and User-group, it may not be able to pass the traffic policy.
* When creating an id_based policy with SSL enabled, and the set gui-multipleutm disable is applied, an Entry not found error message may appear.
* When navigating FortiView > Application some security action filters may not work.
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
I think these "know issues" are not 5.2.7 only. I have some of these bugs in previous versions. Apparently they are all 5.2.x bugs opened.
Regards, Paulo Raponi
Anyone found the file "What’s New for FortiOS 5.2.7 "?
Thanks!
Here's the link & click on 5.2
http://docs.fortinet.com/fortigate/release-information
Ken
PCNSE
NSE
StrongSwan
I just found the one on 5.2.5.
Cheers!
Maybe there will be no new features in 5.2, but only bug fixes... and the new features will be to v5.4 ... I hope ... and thank you advance to correct any bugs in 5.2.8... Pleeeeeeeaaaaaaaaaase
Cluster Active/Passive Fortigate-1500D 6.0.9 (AV, DLP, AppCtrl & IPS, DHCP, AlertMail, Fortiguard Web & AS, OSPF & RIPv2, SSL-VPN Portal Web and Tunnel) FortiAnalyzer-3000D 6.0.8 (Log, Syslog, Alert event, Quarantine & Report)
Hi,
12 hours ago upgraded 100D cluster from 5.2.3 to 5.2.7 (using 5.2.5 as intermediate version in upgrade path).
Features used:
A-A cluster,
web filter,
IPS,A/V, APPL Sensors, content SSL Inspection
WiFi (WPA2-enterprise and WPA2-Personal)
SSL VPN, IPSEC VPN
OSPF, LACP
5 VDOM.
So far so good.
Vladimir, Prague, Czech Republic.
I updated an A-P cluster from 5.2.4 to 5.2.7 (via 5.2.6). Now when I want to connect to the subordinary unit with command #execute ha manage <id> the username and password needed to be entered. Is it a new feature? I did not find it in the release notes or I missed something?
It could be a problem on an A-P cluster when external user authentication is used for admins like LDAP etc. as the passive unit will not authenticate the user.
AtiT
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.