Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
James_G
Contributor III

FortiOS 6.2.3 is out

6 Solutions
emnoc
Esteemed Contributor III

Same here, 6.2.3 is solid and works great. 

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

View solution in original post

PCNSE NSE StrongSwan
emnoc
Esteemed Contributor III

We have both on but on all medium size 200 and 300Es, so it looks good for now. Will keep monitor.

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

View solution in original post

PCNSE NSE StrongSwan
Jirka1

ede_pfau wrote:

thanks for responding - neither do I, I prefer to use a FAZ instead of an x1 model, better investment even in the short run...

 Hi Ede, Today I upgraded to 6.2.3: 2x 81E HA -  from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, without UTM) 1x 61E - from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, full UTM)

 

everything is connected to FAZ200D, 6.0.7

 

only where I had in Custom device group in Policy after the update it changed to "all" - watch it.

 

 

Jirka

View solution in original post

Jirka1

Hi Ede, yes, they do

 

Jirka

View solution in original post

James_G
Contributor III

JaapHoetmer
New Contributor III

Hi there,

 

I have found an issue with 6.2.3 where emails with attachments sent from Outlook using SMTPS (465) were blocked. After disabling the UTM checks on the outbound policy the email functions returned to normal.

 

This firewall was upgraded Sunday the 12th, and the problem appeared on Monday morning the 13th. No other changes were performed on the firewall apart from the upgrade.

 

Kind regards, Jaap

View solution in original post

Kind regards, Jaap
40 REPLIES 40
tanr
Valued Contributor II

Copying details from https://www.reddit.com/r/fortinet/comments/eyr6g7/n00b_question_30e_623_has_broken_roku_outside/, it looks like the the bug IDs for the MTU stuff are 603899 and 593103.

 

A possible workaround is:

 

config firewall policy     edit <policy ID>

        set tcp-mss-sender 1452 (or whatever is appropriate)         set tcp-mss-receiver 1452 (or whatever is appropriate)

    end

 

on all policies that involve ssl/tls handshakes or that traffic passes over where you are facing random connectivity issues.

Labels
Top Kudoed Authors