thanks for responding - neither do I, I prefer to use a FAZ instead of an x1 model, better investment even in the short run...
Today I upgraded to 6.2.3:
2x 81E HA - from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, without UTM)
1x 61E - from version 6.0.8, all without any problems (SSL VPN, IPsec VPN, full UTM)
everything is connected to FAZ200D, 6.0.7
only where I had in Custom device group in Policy after the update it changed to "all" - watch it.
I have found an issue with 6.2.3 where emails with attachments sent from Outlook using SMTPS (465) were blocked. After disabling the UTM checks on the outbound policy the email functions returned to normal.
This firewall was upgraded Sunday the 12th, and the problem appeared on Monday morning the 13th. No other changes were performed on the firewall apart from the upgrade.
config firewall policy edit <policy ID> set tcp-mss-sender 1452 (or whatever is appropriate) set tcp-mss-receiver 1452 (or whatever is appropriate) end on all policies that involve ssl/tls handshakes or that traffic passes over where you are facing random connectivity issues.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.