Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SecurityPlus
Contributor II

FortiOS 5.6.2 - Feedback

I see that 5.6 adds some additional features. I have not tried any firmware beyond 5.4.5. What experience are those that are using 5.6.2 having? Would you recommend upgrading from 5.4.5 to 5.6.2 at this point?

12 REPLIES 12
emnoc
Esteemed Contributor III

No I would  run 5.4.5 in a production environment unless you extremely have to use v5.6.x. Also most of FortiOS v5.6.2 are bug fixes. New features typically come out in the parent  version.

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
SecurityPlus

Thank you. What are the primary reasons that you would wait to deploy 5.6.2?

FatalHalt

In general, the best practice with Fortinet firmware is to wait until patch 3-5 of a new version before using it, the first few GA releases are usually pretty buggy. Thus it's just being cautious to recommend waiting. I'm with Emnoc personally, I would stick to 5.4.5 for a few more months. 

SecurityPlus

That sounds like prudent advice. Thanks.

apandea
New Contributor

Hello

I recently updated my FortiGate 90D to 5.6.2. I primarily use the device for site to site vpn. With the new firmware, there is no more the column: Uptime on IPsec Monitor.

 

Has anyone encounter this?

 

Dear FortiGate team, I would be grateful if same can be brought back as it is very useful. It gives an indication on the duration of the site to site vpn connection in cases of dynamic public IP addresses are being used (site to site vpn using Fortinet DDNS).

 

Thanking you very much.

 

Regards

Ashvin

mramakers
New Contributor

Hi,

 

I just upgraded a FG60D in v5.6.2.

It's in a PoC with VPN IPsec, IPS, AV, and I don't have any issue for now since this upgrade last week.

 

O'course, I can't see these logs in my FAZ200D in FortiOS 5.2.10. But all the rest of my FGs are also in 5.2.10, so...

 

Regards.

Fullmoon

last month updated our FGT 1000C (HA A-A) running from 5.4.5 to 5.6.2 i haven't received performance issue so far. (cross finger) ;)

 

 

Fortigate Newbie

Fortigate Newbie
Salas
New Contributor

IPS crached, and traffic stoped flow using rule where IPS was tuned on.

 

 

611-03 10:49  Pid: 02194, application: ipsengine 03.430, Firmware: FortiGate-60D v5.6.2,build1486b1486,170816 (GA) (Release), Signal 11 received, Backtrace: [0x3135af94] [0x3135d3a4] [0x313684bc] [0x312ba3ac] [0x312d1ca8] [0x007f60d0] [0x0080c86c] [0x00023d2c] [0x0080d788] [0x0080ddc8] [0x00023d2c] [0x00029650] [0x00026c7c] [0x00026ec4] [0x000289ec] [0x00029268] [0x301c5bc4]Application crashed711-03 10:49  Pid: 02192, application: ipsengine 03.430, Firmware: FortiGate-60D v5.6.2,build1486b1486,170816 (GA) (Release), Signal 11 received, Backtrace: [0x3135af94] [0x3135d3a4] [0x313684bc] [0x312ba3ac] [0x312d1ca8] [0x007f60d0] [0x0080c86c] [0x00023d2c] [0x0080d788] [0x0080ddc8] [0x00023d2c] [0x00029650] [0x00026c7c] [0x00026ec4] [0x000289ec] [0x00029268] [0x301c5bc4]Application crashed811-03 10:49  Pid: 02190, application: ipsengine 03.430, Firmware: FortiGate-60D v5.6.2,build1486b1486,170816 (GA) (Release), Signal 11 received, Backtrace: [0x3135af94] [0x3135d3a4] [0x313684bc] [0x312ba3ac] [0x312d1ca8] [0x007f60d0] [0x0080c86c] [0x00023d2c] [0x0080d788] [0x0080ddc8] [0x00023d2c] [0x00029650] [0x00026c7c] [0x00026ec4] [0x000289ec] [0x00029268] [0x301c5bc4]Application crashed911-03 10:49  Pid: 02188, application: ipsengine 03.430, Firmware: FortiGate-60D v5.6.2,build1486b1486,170816 (GA) (Release), Signal 11 received, Backtrace: [0x3135af94] [0x3135d3a4] [0x313684bc] [0x312ba3ac] [0x312d1ca8] [0x007f60d0] [0x0080c86c] [0x00023d2c] [0x0080d788] [0x0080ddc8] [0x00023d2c] [0x00029650] [0x00026c7c] [0x00026ec4] [0x000289ec] [0x00029268] [0x301c5bc4]Application crashed1011-03 10:49  Pid: 02186, application: ipsengine 03.430, Firmware: FortiGate-60D v5.6.2,build1486b1486,170816 (GA) (Release), Signal 11 received, Backtrace: [0x3135af94] [0x3135d3a4] [0x313684bc] [0x312ba3ac] [0x312d1ca8] [0x007f60d0] [0x0080c86c] [0x00023d2c] [0x0080d788] [0x0080ddc8] [0x00023d2c] [0x00029650] [0x00026c7c] [0x00026ec4] [0x000289ec] [0x00029268] [0x301c5bc4]Application crashed1111-03 10:49  Pid: 02184, application: ipsengine 03.430, Firmware: FortiGate-60D v5.6.2,build1486b1486,170816 (GA) (Release), Signal 11 received, Backtrace: [0x3135af94] [0x3135d3a4] [0x313684bc] [0x312ba3ac] [0x312d1ca8] [0x007f60d0] [0x0080c
rwdorman
New Contributor III

I'm running 5.6.2 on my lab box (a 60D) and it has an interesting bug:  interfaces that negotiated to 1Gb/sec are now only coming up at 100.  Even a FortiAP is coming up incorrect.  I went from 5.2.11 which had no problems.

-rd 2x 200D Clusters 1x 100D

1x 60D FortiOS 5.2 FortiAP 221C FAZ 200D

-rd 2x 200D Clusters 1x 100D 1x 60D FortiOS 5.2 FortiAP 221C FAZ 200D
Labels
Top Kudoed Authors