Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Baptiste
Contributor II

FortiOS 5.2.8 is Out

 

http://docs.fortinet.com/uploaded/files/3130/fortios-v5.2.8-release-notes.pdf

2 FGT 100D  + FTK200

3 FGT 60E  FAZ VM  some FAP 210B/221C/223C/321C/421E

2 FGT 100D + FTK200 3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
24 REPLIES 24
FortiOSman
New Contributor III

MrSinners wrote:

I am also interested in this bug ID. Planning to upgrade critical FG's soon from 5.2.4 to 5.2.8 which are using policy based VPN's..

 

Maybe someone from Fortinet can also reply in this topic?

I opened a ticket with them today on this and referenced this post. I'll pass along any updates I get. 

Mattbaldwin

FortiOSman wrote:

Mattbaldwin wrote:

Itguy wrote:

This tunnel error seems to be around since 5.2.5..

 

Tunnel is up. Pings between tunnel is fine. But no data otherwise will pass. Reboot fixes it.

 

We've been struggling with this error a long time with no resolution from Fortinet. Very frustrating.

We had an issue with a VPN tunnel not passing traffic and Fortinet diagnosed it as being a known bug to do with the NPU offloading IPSEC and it was fixed by running the command "set npu-offload disable" against the phase 1 of the problematic VPN.

Excellent news. Thanks for sharing that. Do you happen to have the bug ID? I want to reach out to their support for more information. 

Unfortunately I didn't get a bug ID.  I have also been told a lot of the issues with NPU offloading for IPSEC have been fixed with the NP6 in version 5.4

Sylvia

Mattbaldwin wrote:

FortiOSman wrote:

Mattbaldwin wrote:

Itguy wrote:

This tunnel error seems to be around since 5.2.5..

 

Tunnel is up. Pings between tunnel is fine. But no data otherwise will pass. Reboot fixes it.

 

We've been struggling with this error a long time with no resolution from Fortinet. Very frustrating.

We had an issue with a VPN tunnel not passing traffic and Fortinet diagnosed it as being a known bug to do with the NPU offloading IPSEC and it was fixed by running the command "set npu-offload disable" against the phase 1 of the problematic VPN.

Excellent news. Thanks for sharing that. Do you happen to have the bug ID? I want to reach out to their support for more information. 

Unfortunately I didn't get a bug ID.  I have also been told a lot of the issues with NPU offloading for IPSEC have been fixed with the NP6 in version 5.4

Hey Matt,

 

did you ever get an update from Fortinet Support on this issue?

 

Sylvia

hklb

Mattbaldwin wrote:

Itguy wrote:

This tunnel error seems to be around since 5.2.5..

 

Tunnel is up. Pings between tunnel is fine. But no data otherwise will pass. Reboot fixes it.

 

We've been struggling with this error a long time with no resolution from Fortinet. Very frustrating.

We had an issue with a VPN tunnel not passing traffic and Fortinet diagnosed it as being a known bug to do with the NPU offloading IPSEC and it was fixed by running the command "set npu-offload disable" against the phase 1 of the problematic VPN.

Hi,

 

What was your issue exactly (I hope it isn't related to add/edit firewall rules...)? Is this bug was with firmware 5.2.8 ?

 

Lucas

MrSinners

So, in the release notes of 5.2.9 the following is mentioned as resolved:

 

376599 Keep IPSec traffic on the hardware during rekeying causes kernel panic.

 

The ones encountering the VPN issue mentioned that they had to reboot, so this fixed bug seems to be the VPN issue mentioned in this topic. What do you guys think?

 

Labels
Top Kudoed Authors