a little disappointed..
no enhancements..
it's just a bugs fixed release....
[size="5"]definitely 1 of terrible f/w for FOS...[/size]
UNSTABLE GUI
[size="6"]ANNOYING SSL VPN problem..............[/size]
[size="3"]fortinet, I think you must quickly push out next fixed release or give some explains.........[/size]
201508020844, CSB-150730-1-Partial-Config-Loss
FortiGate models listed below may lose configuration pertaining to IPsec interface, virtual access point interface, loopback interface, or virtual-switch interface after a reboot when the FortiGate is deployed with FortiOS 5.2.4 with build number 0688 and time 150722.
FGT20C3X12000161 # get sys stat
Version: FortiGate-20C v5.2.4,build0688,150722 (GA)
Potentially Affected Products:
FortiGate: FG-20C, FG-20C-ADSL, FG-30D, FG-30D-PoE, FG-40C
FortiWiFi: FW-20C, FW-20C-ADSL, FW-30D, FW-30D-PoE, FW-40C
Resolution:
FortiOS 5.2.4 software images for the models above have been rebuilt and re-posted on the customer support web site with build number 0688 and time 150730.
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Why does this keep happening? Fortinet makes such great hardware, but they have seriously burned some of us with bad firmware releases. I'm a constant Fortinet advocate, but this kind of crap demonstrates a lack of QC and concern for the customer environment. These type of issues should definitely be exposed by a good QC system and if the firmware has the potential to wipe a config, for godness sakes it should not be released. Those of us who are long time Fortinet customers have learned to be wary of new releases and to always reboot the appliance, take a back up, and wait for others to expose the bugs, but it doesn't need to be that way with the right internal controls at Fortinet. Pick up the slack guys. You make a great product but you are tripping over your own feet when you release builds like this.
dfollis wrote:Why does this keep happening? Fortinet makes such great hardware, but they have seriously burned some of us with bad firmware releases. I'm a constant Fortinet advocate, but this kind of **** demonstrates a lack of QC and concern for the customer environment. These type of issues should definitely be exposed by a good QC system and if the firmware has the potential to wipe a config, for godness sakes it should not be released. Those of us who are long time Fortinet customers have learned to be wary of new releases and to always reboot the appliance, take a back up, and wait for others to expose the bugs, but it doesn't need to be that way with the right internal controls at Fortinet. Pick up the slack guys. You make a great product but you are tripping over your own feet when you release builds like this.
Completely agree!! And this is NOT the first time this happens........
Fortigate <3
https://support.fortinet.com/Information/Bulletin.aspx?section=46
Improvements to minimize this issue will be included in FortiOS 5.2.5 patch release and 5.4.0 minor release, the current ETA for release of both versions is December 2015.
Fortinet recommend customers to upgrade to FortiOS 5.2.5 or later as soon as it is available in order to minimize flash wear. Not doing so may result in a reduced life time of the device and cause high RMA return rates.
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
The flash storage issue has me wondering if returning to the first design of the 60C might be a solution?
ie. having swapable SDHC cards.
NSE8
Fortinet Expert partner - Norway
simonorch wrote:The flash storage issue has me wondering if returning to the first design of the 60C might be a solution?
ie. having swapable SDHC cards.
Swapable flash would be great.
By the way, thanks for the hint. I had old end-of-support 60C with corrupted flash. I was not able to restore image and replacing it with new 60d was cheaper so it was just waiting for miracle to happen. Which just did!
I checked if my 60C had swapable flash after reading your post. It did not, but it turns out that you can plugin USB stick and install FortiOS to the stick. All you have to do is remove jumpers from the motherboard and restore image. After that the USB stick will be /dev/sda. Hard disk or USB Flash is not available anymore but it is otherwise running fine.
I would not use it for production tho :)
test60C # get hardware status Model name: FortiGate-60C ASIC version: CP0 ASIC SRAM: 64M CPU: FortiSOC Number of CPUs: 1 RAM: 439 MB Compact Flash: 3840 MB /dev/sda Hard disk: not available USB Flash: not available
That's an awesome hack! Nice work.
anyone have confirmed release date for 5.2.5 again???
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
It's available now :)
simonpt wrote:It's available now :)
Is it safe? :D
Fortigate <3
Version 5.2.5 did not solve the SSL VPN Problem but i found a solution to fix it.
As I noticed that the Local-In Policy was not created I tried to play around with it.
My solution was to set multiple interfaces to listen on in the SSL - Settings menu.
After this it created the Local-In Policy automatically.
The SSL VPN worked.
Then I removed the unneeded interfaces and everything left fine.
I hope this trick works for you too.
kind regards
Gerald
I've a 100D with WAN load balancing and noticed that my WAN2 GUI is not accessible if the weight is lower than my WAN1 connection.
Submitted a support ticket and was told to downgrade back to 5.2.3. The GUI was than accessible on the WAN2 interface.
TAC replied to my ticket about inaccesible GUI on low weight WAN Interface with WAN Linked Load Balanced configurations.
The bug (bug ID:0287871) will be fixed in the following patch release, which is 5.2.5.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.