Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Carl_Wallmark
Valued Contributor

Created on ‎03-28-2016 10:59 PM

FortiOS 5.2.7 is out

.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
28171
0 Kudos
3 Solutions
vladimircze
New Contributor III
In response to donnat

Created on ‎04-14-2016 01:45 AM

Hi,

12 hours ago upgraded 100D cluster from 5.2.3 to 5.2.7 (using 5.2.5 as intermediate version in upgrade path).

Features used:

A-A cluster,

web filter,

IPS,A/V, APPL Sensors, content SSL Inspection

WiFi (WPA2-enterprise and WPA2-Personal)

SSL VPN, IPSEC VPN

OSPF, LACP

5 VDOM.

 

So far so good.

 

Vladimir, Prague, Czech Republic.

View solution in original post

10617
0 Kudos
netmin
Contributor II
In response to romanr

Created on ‎04-19-2016 12:37 PM

I don't believe this is a bug. I remember having seen a changelog or release note referring to the built-in account "FGT_ha_admin", which was originally used for exec ha manage:

 

"You log into the subordinate unit using the FGT_ha_admin administrator account. This built-in administrator account gives you read and write permission on the subordinate unit. Normally this built-in administrative account is not visible, however FGT_ha_admin does appear in event log messages."

 

I think the account was removed (for security reasons) ... [strike]I can't find the corresponding document anymore, maybe a later document revision had this piece of information removed as well.[/strike]

 

Edit: found it - the release notes downloaded from the support portal provide(d) this information.

 

View solution in original post

Preview file
8 KB
10617
0 Kudos
x_member
Contributor
In response to Diko

Created on ‎05-16-2016 06:46 AM

FYI:

5.2.7 contains ipsengine 3.0164 that does not play well with deep packet inspection and Chrome browser: https://forum.fortinet.com/tm.aspx?m=137615

 

View solution in original post

10617
0 Kudos
19 REPLIES 19
Baptiste
Contributor II

Created on ‎03-28-2016 11:22 PM

Release notes : http://docs.fortinet.com/uploaded/files/2967/fortios-v5.2.7-release-notes.pdf

 

2 FGT 100D  + FTK200

3 FGT 60E  FAZ VM  some FAP 210B/221C/223C/321C/421E

2 FGT 100D + FTK200 3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
4955
0 Kudos
storaid
Contributor
In response to Baptiste

Created on ‎03-29-2016 02:34 PM

some known issues are annoying..=_="

* Users may not be able to create new address objects from the Firewall Policy.

* All sessions: filter application, threat, and threat type, may not work as expected

* If the client is connecting to an SSID with WPA-Enterprise and User-group, it may not be able to pass the traffic policy.

* When creating an id_based policy with SSL enabled, and the set gui-multipleutm disable is applied, an Entry not found error message may appear.

* When navigating FortiView > Application some security action filters may not work.

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
4955
0 Kudos
pcraponi
Contributor II
In response to storaid

Created on ‎03-29-2016 08:11 PM

I think these "know issues" are not 5.2.7 only. I have some of these bugs in previous versions. Apparently they are all 5.2.x bugs opened.

Regards, Paulo Raponi

Regards, Paulo Raponi
4955
0 Kudos
JohnAgora
Contributor
In response to pcraponi

Created on ‎03-30-2016 12:05 PM

Anyone found the file "What’s New for FortiOS 5.2.7 "?

 

Thanks!

4955
0 Kudos
emnoc
Esteemed Contributor III
In response to JohnAgora

Created on ‎03-30-2016 01:26 PM

Here's the link & click on 5.2

 

http://docs.fortinet.com/fortigate/release-information

 

Ken

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
4955
0 Kudos
JohnAgora
Contributor
In response to emnoc

Created on ‎03-30-2016 01:33 PM

I just found the one on 5.2.5.

Cheers!

4955
0 Kudos
donnat
New Contributor III
In response to JohnAgora

Created on ‎03-31-2016 02:28 AM

Maybe there will be no new features in 5.2, but only bug fixes... and the new features will be to v5.4 ... I hope ... and thank you advance to correct any bugs in 5.2.8... Pleeeeeeeaaaaaaaaaase

Cluster Active/Passive Fortigate-1500D 6.0.9 (AV, DLP, AppCtrl & IPS, DHCP, AlertMail, Fortiguard Web & AS, OSPF & RIPv2, SSL-VPN Portal Web and Tunnel) FortiAnalyzer-3000D 6.0.8 (Log, Syslog, Alert event, Quarantine & Report)

Cluster Active/Passive Fortigate-1500D 6.0.9 (AV, DLP, AppCtrl & IPS, DHCP, AlertMail, Fortiguard Web & AS, OSPF & RIPv2, SSL-VPN Portal Web and Tunnel) FortiAnalyzer-3000D 6.0.8 (Log, Syslog, Alert event, Quarantine & Report)
4955
0 Kudos
vladimircze
New Contributor III
In response to donnat

Created on ‎04-14-2016 01:45 AM

Hi,

12 hours ago upgraded 100D cluster from 5.2.3 to 5.2.7 (using 5.2.5 as intermediate version in upgrade path).

Features used:

A-A cluster,

web filter,

IPS,A/V, APPL Sensors, content SSL Inspection

WiFi (WPA2-enterprise and WPA2-Personal)

SSL VPN, IPSEC VPN

OSPF, LACP

5 VDOM.

 

So far so good.

 

Vladimir, Prague, Czech Republic.

10618
0 Kudos
AtiT
Valued Contributor
In response to vladimircze

Created on ‎04-19-2016 02:14 AM

I updated an A-P cluster from 5.2.4 to 5.2.7 (via 5.2.6). Now when I want to connect to the subordinary unit with command #execute ha manage <id> the username and password needed to be entered. Is it a new feature? I did not find it in the release notes or I missed something?

It could be a problem on an A-P cluster when external user authentication is used for admins like LDAP etc. as the passive unit will not authenticate the user.

AtiT

AtiT
4955
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.