http://docs.fortinet.com/uploaded/files/3130/fortios-v5.2.8-release-notes.pdf
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
MrSinners wrote:I am also interested in this bug ID. Planning to upgrade critical FG's soon from 5.2.4 to 5.2.8 which are using policy based VPN's..
Maybe someone from Fortinet can also reply in this topic?
I opened a ticket with them today on this and referenced this post. I'll pass along any updates I get.
FortiOSman wrote:Mattbaldwin wrote:Itguy wrote:This tunnel error seems to be around since 5.2.5..
Tunnel is up. Pings between tunnel is fine. But no data otherwise will pass. Reboot fixes it.
We've been struggling with this error a long time with no resolution from Fortinet. Very frustrating.
We had an issue with a VPN tunnel not passing traffic and Fortinet diagnosed it as being a known bug to do with the NPU offloading IPSEC and it was fixed by running the command "set npu-offload disable" against the phase 1 of the problematic VPN.
Excellent news. Thanks for sharing that. Do you happen to have the bug ID? I want to reach out to their support for more information.
Unfortunately I didn't get a bug ID. I have also been told a lot of the issues with NPU offloading for IPSEC have been fixed with the NP6 in version 5.4
Mattbaldwin wrote:FortiOSman wrote:Mattbaldwin wrote:Itguy wrote:This tunnel error seems to be around since 5.2.5..
Tunnel is up. Pings between tunnel is fine. But no data otherwise will pass. Reboot fixes it.
We've been struggling with this error a long time with no resolution from Fortinet. Very frustrating.
We had an issue with a VPN tunnel not passing traffic and Fortinet diagnosed it as being a known bug to do with the NPU offloading IPSEC and it was fixed by running the command "set npu-offload disable" against the phase 1 of the problematic VPN.
Excellent news. Thanks for sharing that. Do you happen to have the bug ID? I want to reach out to their support for more information.
Unfortunately I didn't get a bug ID. I have also been told a lot of the issues with NPU offloading for IPSEC have been fixed with the NP6 in version 5.4
Hey Matt,
did you ever get an update from Fortinet Support on this issue?
Sylvia
Mattbaldwin wrote:Itguy wrote:This tunnel error seems to be around since 5.2.5..
Tunnel is up. Pings between tunnel is fine. But no data otherwise will pass. Reboot fixes it.
We've been struggling with this error a long time with no resolution from Fortinet. Very frustrating.
We had an issue with a VPN tunnel not passing traffic and Fortinet diagnosed it as being a known bug to do with the NPU offloading IPSEC and it was fixed by running the command "set npu-offload disable" against the phase 1 of the problematic VPN.
Hi,
What was your issue exactly (I hope it isn't related to add/edit firewall rules...)? Is this bug was with firmware 5.2.8 ?
Lucas
So, in the release notes of 5.2.9 the following is mentioned as resolved:
376599 Keep IPSec traffic on the hardware during rekeying causes kernel panic.
The ones encountering the VPN issue mentioned that they had to reboot, so this fixed bug seems to be the VPN issue mentioned in this topic. What do you guys think?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.