- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiOS v5.2.4 is out(Unstable GUI, Bad SSLVPN)....
a little disappointed..
no enhancements..
it's just a bugs fixed release....
[size="5"]definitely 1 of terrible f/w for FOS...[/size]
UNSTABLE GUI
[size="6"]ANNOYING SSL VPN problem..............[/size]
[size="3"]fortinet, I think you must quickly push out next fixed release or give some explains.........[/size]
201508020844, CSB-150730-1-Partial-Config-Loss
FortiGate models listed below may lose configuration pertaining to IPsec interface, virtual access point interface, loopback interface, or virtual-switch interface after a reboot when the FortiGate is deployed with FortiOS 5.2.4 with build number 0688 and time 150722.
FGT20C3X12000161 # get sys stat
Version: FortiGate-20C v5.2.4,build0688,150722 (GA)
Potentially Affected Products:
FortiGate: FG-20C, FG-20C-ADSL, FG-30D, FG-30D-PoE, FG-40C
FortiWiFi: FW-20C, FW-20C-ADSL, FW-30D, FW-30D-PoE, FW-40C
Resolution:
FortiOS 5.2.4 software images for the models above have been rebuilt and re-posted on the customer support web site with build number 0688 and time 150730.
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
Solved! Go to Solution.
- Labels:
-
5.2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why does this keep happening? Fortinet makes such great hardware, but they have seriously burned some of us with bad firmware releases. I'm a constant Fortinet advocate, but this kind of crap demonstrates a lack of QC and concern for the customer environment. These type of issues should definitely be exposed by a good QC system and if the firmware has the potential to wipe a config, for godness sakes it should not be released. Those of us who are long time Fortinet customers have learned to be wary of new releases and to always reboot the appliance, take a back up, and wait for others to expose the bugs, but it doesn't need to be that way with the right internal controls at Fortinet. Pick up the slack guys. You make a great product but you are tripping over your own feet when you release builds like this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
dfollis wrote:Why does this keep happening? Fortinet makes such great hardware, but they have seriously burned some of us with bad firmware releases. I'm a constant Fortinet advocate, but this kind of **** demonstrates a lack of QC and concern for the customer environment. These type of issues should definitely be exposed by a good QC system and if the firmware has the potential to wipe a config, for godness sakes it should not be released. Those of us who are long time Fortinet customers have learned to be wary of new releases and to always reboot the appliance, take a back up, and wait for others to expose the bugs, but it doesn't need to be that way with the right internal controls at Fortinet. Pick up the slack guys. You make a great product but you are tripping over your own feet when you release builds like this.
Completely agree!! And this is NOT the first time this happens........
Fortigate <3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Has anyone else noticed so far that the "execute ping-options source" parameter dissapeared?
Default source is auto and it seems you cannot change that anymore.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK, this is strange. Maybe it was a faulty installation. Because of several other problems we reinstalled 5.2.4.
Reinstalling brought back the ping-option source. So everything again as expected so far.
FYI it's a FGT-60D A-P Cluster with vdoms.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
what does the view-settings show?
e.g
execute ping-options view-settings
Also what model are you using?
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I upgraded one FGT40C from 5.2.3 to 5.2.4. Then all VPN connections disappeared. This was in production so I downgraded to 5.2.3 again, the problem was still there. So I drove back config from 5.2.3 and everything was fine.
Fortigate <3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same for me.
Phase1-, Phase2-settings and routes for this tunnel interface disappeared during update.
The tunnel interface and firewall policies with those interfaces were still there.
Happens with a FGT40C but not with a FGT60D. Ticket is already opened...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Problems with System-Monitor-DHCP Monitor: create / edit IP Reservation. If i reserved more then 1 addresses, the internal 500 error showing. Same problem in 5.2.3 as well.
Fortigate <3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are also problems with reporting the correct amount of data traffic in the tunnel. I have pasted what it should have been from the policy. (traffic less than 22hours)
Fortigate <3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After upgrade our FortiGate to the version 5.2.4 we lost the external access and the SSL VPN access (it's not reachable).
The external access and the SSL VPN works only with the interface that have the lower priority in the routing table (for example, if I have two external interfaces both with the distance 10 and one with the priority 0 and the other with the priority 10. Only the interface with the priority 0 will have external access and SSL VPN working).
I think that is a bug in the version 5.2.4 or the static routing behavior has changed.
I opened a ticket in the Support to check this.
Fábio Lourenzi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
fabiolourenzi wrote:After upgrade our FortiGate to the version 5.2.4 we lost the external access and the SSL VPN access (it's not reachable).
The external access and the SSL VPN works only with the interface that have the lower priority in the routing table (for example, if I have two external interfaces both with the distance 10 and one with the priority 0 and the other with the priority 10. Only the interface with the priority 0 will have external access and SSL VPN working).
I think that is a bug in the version 5.2.4 or the static routing behavior has changed.
I opened a ticket in the Support to check this.
Fábio Lourenzi
I have same problem with SSL VPN after upgrade FortiGate to the version 5.2.4
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
zackx wrote:fabiolourenzi wrote:After upgrade our FortiGate to the version 5.2.4 we lost the external access and the SSL VPN access (it's not reachable).
The external access and the SSL VPN works only with the interface that have the lower priority in the routing table (for example, if I have two external interfaces both with the distance 10 and one with the priority 0 and the other with the priority 10. Only the interface with the priority 0 will have external access and SSL VPN working).
I think that is a bug in the version 5.2.4 or the static routing behavior has changed.
I opened a ticket in the Support to check this.
Fábio Lourenzi
I have same problem with SSL VPN after upgrade FortiGate to the version 5.2.4
Have to wonder about the QA process here - a bug of this magnitude (not obeying priority) should be caught very early in the testing cycle. Personally have had dealt with stupid bugs during the last three point releases. And now this. How about a pure bugfix release - if something basic such as routing is working, don't mess with it. And test the bloody software for a change, we've had something like four months between releases.